Question #55 Topic 1

What are two benefits of private IPv4 IP addresses? (Choose two.)

  • A. They are routed the same as public IP addresses.
  • B. They are less costly than public IP addresses.
  • C. They can be assigned to devices without Internet connections.
  • D. They eliminate the necessity for NAT policies.
  • E. They eliminate duplicate IP conflicts.
Reveal Solution Hide Solution   Discussion   30

Correct Answer: BC 🗳️

Community vote distribution
BC (78%)
AB (22%)

Question #56 Topic 1

What are two benefits that the UDP protocol provide for application traffic? (Choose two.)

  • A. UDP traffic has lower overhead than TCP traffic
  • B. UDP provides a built-in recovery mechanism to retransmit lost packets
  • C. The CTL field in the UDP packet header enables a three-way handshake to establish the connection
  • D. UDP maintains the connection state to provide more stable connections than TCP
  • E. The application can use checksums to verify the integrity of application data
Reveal Solution Hide Solution   Discussion   9

Correct Answer: AE 🗳️

Question #57 Topic 1

Which two goals reasons to implement private IPv4 addressing on your network? (Choose two.)

  • A. Comply with PCI regulations
  • B. Conserve IPv4 address
  • C. Reduce the size of the forwarding table on network routers
  • D. Reduce the risk of a network security breach
  • E. Comply with local law
Reveal Solution Hide Solution   Discussion   19

Correct Answer: BD 🗳️

Community vote distribution
BD (100%)

Question #58 Topic 1

Which WAN access technology is preferred for a small office / home office architecture?

  • A. broadband cable access
  • B. frame-relay packet switching
  • C. dedicated point-to-point leased line
  • D. Integrated Services Digital Network switching
Reveal Solution Hide Solution   Discussion   8

Correct Answer: A 🗳️
Service providers provide Internet access using broadband services such as DSL, cable, and satellite access. Broadband connections are typically used to connect small offices and telecommuting employees to a corporate site over the Internet. Data traveling between corporate sites over the public WAN infrastructure should be protected using VPNs.

Community vote distribution
A (100%)

Question #59 Topic 1

Which two WAN architecture options help a business scalability and reliability for the network? (Choose two.)

  • A. asychronous routing
  • B. single-homed branches
  • C. dual-homed branches
  • D. static routing
  • E. dynamic routing
Reveal Solution Hide Solution   Discussion   48

Correct Answer: CE 🗳️
Reference:
https://www.cisco.com/c/dam/en/us/td/docs/nsite/wan_optimization/WANoptSolutionGd.pdf

Community vote distribution
CE (71%)
AC (29%)

Question #60 Topic 1

What is the binary pattern of unique ipv6 unique local address?

  • A. 00000000
  • B. 11111100
  • C. 11111111
  • D. 11111101
Reveal Solution Hide Solution   Discussion   33

Correct Answer: B 🗳️
A IPv6 Unique Local Address is an IPv6 address in the block FC00::/7, which means that IPv6 Unique Local addresses begin with 7 bits with exact binary pattern as 1111 110 -> Answer B is correct.
Note: IPv6 Unique Local Address is the approximate IPv6 counterpart of the IPv4 private address. It is not routable on the global Internet.

Community vote distribution
B (58%)
D (42%)

Question #61 Topic 1

Which two options are the best reasons to use an IPV4 private IP space? (Choose two.)

  • A. to enable intra-enterprise communication
  • B. to implement NAT
  • C. to connect applications
  • D. to conserve global address space
  • E. to manage routing overhead
Reveal Solution Hide Solution   Discussion   12

Correct Answer: AD 🗳️

Community vote distribution
AD (75%)
AB (25%)

Question #62 Topic 1

Refer to the exhibit. When PC1 sends a packet to PC2, the packet has which source and destination IP address when it arrives at interface Gi0/0 on router R2?

  • A. source 192.168.10.10 and destination 10.10.2.2
  • B. source 192.168.20.10 and destination 192.168.20.1
  • C. source 192.168.10.10 and destination 192.168.20.10
  • D. source 10.10.1.1 and destination 10.10.2.2
Reveal Solution Hide Solution   Discussion   5

Correct Answer: C 🗳️
The source and destination IP addresses of the packets are unchanged on all the way. Only source and destination MAC addresses are changed.

Community vote distribution
C (100%)

Question #63 Topic 1

What is the same for both copper and fiber interfaces when using SFP modules?

  • A. They support an inline optical attenuator to enhance signal strength
  • B. They accommodate single-mode and multi-mode in a single module
  • C. They provide minimal interruption to services by being hot-swappable
  • D. They offer reliable bandwidth up to 100 Mbps in half duplex mode
Reveal Solution Hide Solution   Discussion   7

Correct Answer: C 🗳️

Community vote distribution
C (100%)

Question #64 Topic 1

What are two functions of a server on a network? (Choose two.)

  • A. handles requests from multiple workstations at the same time
  • B. achieves redundancy by exclusively using virtual server clustering
  • C. housed solely in a data center that is dedicated to a single client achieves redundancy by exclusively using virtual server clustering
  • D. runs the same operating system in order to communicate with other servers
  • E. runs applications that send and retrieve data for workstations that make requests
Reveal Solution Hide Solution   Discussion   3

Correct Answer: AE 🗳️

Community vote distribution
AE (100%)

Question #65 Topic 1

Which function is performed by the collapsed core layer in a two-tier architecture?

  • A. enforcing routing policies
  • B. marking interesting traffic for data policies
  • C. applying security policies
  • D. attaching users to the edge of the network
Reveal Solution Hide Solution   Discussion   8

Correct Answer: A 🗳️

Community vote distribution
A (100%)

Question #66 Topic 1

What is the primary function of a Layer 3 device?

  • A. to transmit wireless traffic between hosts
  • B. to analyze traffic and drop unauthorized traffic from the Internet
  • C. to forward traffic within the same broadcast domain
  • D. to pass traffic between different networks
Reveal Solution Hide Solution   Discussion   8

Correct Answer: D 🗳️

Community vote distribution
D (100%)

Question #67 Topic 1

Which two functions are performed by the core layer in a three-tier architecture? (Choose two.)

  • A. Provide uninterrupted forwarding service
  • B. Inspect packets for malicious activity
  • C. Ensure timely data transfer between layers
  • D. Provide direct connectivity for end user devices
  • E. Police traffic that is sent to the edge of the network
Reveal Solution Hide Solution   Discussion   16

Correct Answer: AC 🗳️
Reference:
https://www.mcmcse.com/cisco/guides/hierarchical_model.shtml

Community vote distribution
AC (100%)

Question #68 Topic 1

What is a recommended approach to avoid co-channel congestion while installing access points that use the 2.4 GHz frequency?

  • A. different nonoverlapping channels
  • B. one overlapping channel
  • C. one nonoverlapping channel
  • D. different overlapping channels
Reveal Solution Hide Solution   Discussion   12

Correct Answer: A 🗳️

Community vote distribution
A (70%)
C (30%)

Question #69 Topic 1

A manager asks a network engineer to advise which cloud service models are used so employees do not have to waste their time installing, managing, and updating software that is only used occasionally. Which cloud service model does the engineer recommend?

  • A. infrastructure-as-a-service
  • B. platform-as-a-service
  • C. business process as service to support different types of service
  • D. software-as-a-service
Reveal Solution Hide Solution   Discussion   7

Correct Answer: D 🗳️

Community vote distribution
D (100%)

Question #70 Topic 1

What are two functions of a Layer 2 switch? (Choose two.)

  • A. acts as a central point for association and authentication servers
  • B. selects the best route between networks on a WAN
  • C. moves packets within a VLAN
  • D. moves packets between different VLANs
  • E. makes forwarding decisions based on the MAC address of a packet
Reveal Solution Hide Solution   Discussion   11

Correct Answer: CE 🗳️

Community vote distribution
CE (100%)

Question #71 Topic 1

DRAG DROP -
Drag and drop the TCP/IP protocols from the left onto their primary transmission protocols on the right.
Select and Place:

Reveal Solution Hide Solution   Discussion   24

Correct Answer:

Question #72 Topic 1

An engineer observes high usage on the 2.4GHz channels and lower usage on the 5GHz channels. What must be configured to allow clients to preferentially use
5GHz access points?

  • A. Client Band Select
  • B. Re-Anchor Roamed Clients
  • C. OEAP Spilt Tunnel
  • D. 11ac MU-MIMO
Reveal Solution Hide Solution   Discussion   7

Correct Answer: A 🗳️

Community vote distribution
A (100%)

Question #73 Topic 1

Which networking function occurs on the data plane?

  • A. processing inbound SSH management traffic
  • B. sending and receiving OSPF Hello packets
  • C. facilitates spanning-tree elections
  • D. forwarding remote client/server traffic
Reveal Solution Hide Solution   Discussion   13

Correct Answer: D 🗳️

Community vote distribution
D (90%)
10%

Question #74 Topic 1

Under which condition is TCP preferred over UDP?

  • A. UDP is used when low latency is optimal, and TCP is used when latency is tolerable.
  • B. TCP is used when dropped data is more acceptable, and UDP is used when data is accepted out-of-order.
  • C. TCP is used when data reliability is critical, and UDP is used when missing packets are acceptable.
  • D. UDP is used when data is highly interactive, and TCP is used when data is time-sensitive.
Reveal Solution Hide Solution   Discussion   23

Correct Answer: C 🗳️

Community vote distribution
C (87%)
13%

Question #75 Topic 1


Refer to the exhibit. Shortly after SiteA was connected to SiteB over a new single-mode fiber path, users at SiteA report intermittent connectivity issues with applications hosted at SiteB. What is the cause of the intermittent connectivity issue?

  • A. Interface errors are incrementing.
  • B. High usage is causing high latency.
  • C. An incorrect SFP media type was used at SiteA.
  • D. The sites were connected with the wrong cable type.
Reveal Solution Hide Solution   Discussion   30

Correct Answer: A 🗳️
The only indicator of any issues here is the reliability 166/255 on SiteA. When the input and output errors increase, they affect the reliability counter. This indicates how likely it is that a packet can be delivered or received successfully. Reliability is calculated like this: reliability = number of packets / number of total frames.
The value of 255 is the highest value meaning that the interface is very reliable at the moment. The calculation above is done every 5 minutes.

Community vote distribution
A (71%)
B (29%)

Question #76 Topic 1

A network engineer must configure the router R1 GigabitEthernet1/1 interface to connect to the router R2 GigabitEthernet1/1 interface. For the configuration to be applied, the engineer must compress the address 2001:0db8:0000:0000:0500:000a:400F:583B. Which command must be issued on the interface?

  • A. ipv6 address 2001::db8:0000::500:a:400F:583B
  • B. ipv6 address 2001:db8:0::500:a:4F:583B
  • C. ipv6 address 2001:db8::500:a:400F:583B
  • D. ipv6 address 2001:0db8::5:a:4F:583B
Reveal Solution Hide Solution   Discussion   9

Correct Answer: C 🗳️

Community vote distribution
C (100%)

Question #77 Topic 1

What is a network appliance that checks the state of a packet to determine whether the packet is legitimate?

  • A. Layer 2 switch
  • B. LAN controller
  • C. load balancer
  • D. firewall
Reveal Solution Hide Solution   Discussion   5

Correct Answer: D 🗳️

Community vote distribution
D (100%)

Question #78 Topic 1

What is a role of access points in an enterprise network?

  • A. integrate with SNMP in preventing DDoS attacks
  • B. serve as a first line of defense in an enterprise network
  • C. connect wireless devices to a wired network
  • D. support secure user logins to devices on the network
Reveal Solution Hide Solution   Discussion   4

Correct Answer: C 🗳️

Question #79 Topic 1

An implementer is preparing hardware for virtualization to create virtual machines on a host. What is needed to provide communication between hardware and virtual machines?

  • A. router
  • B. hypervisor
  • C. switch
  • D. straight cable
Reveal Solution Hide Solution   Discussion   4

Correct Answer: B 🗳️

Community vote distribution
B (100%)

Question #80 Topic 1

How does a Cisco Unified Wireless Network respond to Wi-Fi channel overlap?

  • A. It allows the administrator to assign the channels on a per-device or per-interface basis.
  • B. It segregates devices from different manufactures onto different channels.
  • C. It analyzes client load and background noise and dynamically assigns a channel.
  • D. It alternates automatically between 2.4 GHz and 5 GHz on adjacent access points.
Reveal Solution Hide Solution   Discussion   34

Correct Answer: C 🗳️
Reference:
https://www.cisco.com/c/en/us/td/docs/wireless/controller/technotes/8-3/b_RRM_White_Paper/dca.html

Community vote distribution
C (80%)
D (20%)

Question #81 Topic 1

In which situation is private IPv4 addressing appropriate for a new subnet on the network of an organization?

  • A. The network has multiple endpoint listeners, and it is desired to limit the number of broadcasts.
  • B. The ISP requires the new subnet to be advertised to the Internet for web services.
  • C. There is limited unique address space, and traffic on the new subnet will stay local within the organization.
  • D. Traffic on the subnet must traverse a site-to-site VPN to an outside organization.
Reveal Solution Hide Solution   Discussion   15

Correct Answer: C 🗳️

Community vote distribution
C (83%)
Other

Question #82 Topic 1

DRAG DROP -
Drag and drop the characteristics of network architectures from the left onto the type of architecture on the right.
Select and Place:

Reveal Solution Hide Solution   Discussion   3

Correct Answer:

Question #83 Topic 1

Which 802.11 frame type is indicated by a probe response after a client sends a probe request?

  • A. data
  • B. management
  • C. control
  • D. action
Reveal Solution Hide Solution   Discussion   8

Correct Answer: B 🗳️

Community vote distribution
B (100%)

Question #84 Topic 1

What is the difference in data transmission delivery and reliability between TCP and UDP?

  • A. TCP transmits data at a higher rate and ensures packet delivery. UDP retransmits lost data to ensure applications receive the data on the remote end.
  • B. TCP requires the connection to be established before transmitting data. UDP transmits data at a higher rate without ensuring packet delivery.
  • C. UDP sets up a connection between both devices before transmitting data. TCP uses the three-way handshake to transmit data with a reliable connection.
  • D. UDP is used for multicast and broadcast communication. TCP is used for unicast communication and transmits data at a higher rate with error checking.
Reveal Solution Hide Solution   Discussion   4

Correct Answer: B 🗳️
UDP speeds up transmissions by enabling the transfer of data before an agreement is provided by the receiving party. As a result, UDP is beneficial in time- sensitive communications, including voice over IP (VoIP), domain name system (DNS) lookup, and video or audio playback.

Community vote distribution
B (100%)

Question #85 Topic 1


Refer to the exhibit. When PC-A sends traffic to PC-B, which network component is in charge of receiving the packet from PC-A, verifying the IP addresses, and forwarding the packet to PC-B?

  • A. router
  • B. Layer 2 switch
  • C. load balancer
  • D. firewall
Reveal Solution Hide Solution   Discussion   6

Correct Answer: A 🗳️

Community vote distribution
A (100%)

Question #86 Topic 1

What is the maximum bandwidth of a T1 point-to-point connection?

  • A. 1.544 Mbps
  • B. 2.048 Mbps
  • C. 34.368 Mbps
  • D. 43.7 Mbps
Reveal Solution Hide Solution   Discussion   7

Correct Answer: A 🗳️

Community vote distribution
A (100%)

Question #87 Topic 1

What are two similarities between UTP Cat 5e and Cat 6a cabling? (Choose two.)

  • A. Both support speeds up to 10 Gigabit.
  • B. Both support speeds of at least 1 Gigabit.
  • C. Both support runs of up to 55 meters.
  • D. Both support runs of up to 100 meters.
  • E. Both operate at a frequency of 500 MHz.
Reveal Solution Hide Solution   Discussion   7

Correct Answer: BD 🗳️

Community vote distribution
BD (100%)

Question #88 Topic 1

What is a characteristic of cloud-based network topology?

  • A. onsite network services are provided with physical Layer 2 and Layer 3 components
  • B. wireless connections provide the sole access method to services
  • C. physical workstations are configured to share resources
  • D. services are provided by a public, private, or hybrid deployment
Reveal Solution Hide Solution   Discussion   5

Correct Answer: D 🗳️

Community vote distribution
D (100%)

Question #89 Topic 1

Which network action occurs within the data plane?

  • A. reply to an incoming ICMP echo request
  • B. make a configuration change from an incoming NETCONF RPC
  • C. run routing protocols (OSPF, EIGRP, RIP, BGP)
  • D. compare the destination IP address to the IP routing table
Reveal Solution Hide Solution   Discussion   22

Correct Answer: D 🗳️

Community vote distribution
D (86%)
14%

Question #90 Topic 1


Refer to the exhibit. R1 has just received a packet from host A that is destined to host B. Which route in the routing table is used by R1 to reach host B?

  • A. 10.10.13.0/25 [1/0] via 10.10.10.2
  • B. 10.10.13.0/25 [108/0] via 10.10.10.10
  • C. 10.10.13.0/25 [110/2] via 10.10.10.6
  • D. 10.10.13.0/25 [110/2] via 10.10.10.2
Reveal Solution Hide Solution   Discussion   15

Correct Answer: B 🗳️

Community vote distribution
B (83%)
A (17%)

Question #91 Topic 1

Which two network actions occur within the data plane? (Choose two.)

  • A. Run routing protocols.
  • B. Make a configuration change from an incoming NETCONF RPC.
  • C. Add or remove an 802.1Q trunking header.
  • D. Match the destination MAC address to the MAC address table.
  • E. Reply to an incoming ICMP echo request.
Reveal Solution Hide Solution   Discussion   21

Correct Answer: CD 🗳️

Community vote distribution
CD (94%)
6%

Question #92 Topic 1

What are network endpoints?

  • A. support inter-VLAN connectivity
  • B. a threat to the network if they are compromised
  • C. act as routers to connect a user to the service provider network
  • D. enforce policies for campus-wide traffic going to the Internet
Reveal Solution Hide Solution   Discussion   10

Correct Answer: B 🗳️

Community vote distribution
B (100%)

Question #93 Topic 1


Refer to the exhibit. The link between PC1 and the switch is up, but it is performing poorly. Which interface condition is causing the performance problem?

  • A. There is an issue with the fiber on the switch interface.
  • B. There is a duplex mismatch on the interface.
  • C. There is an interface type mismatch.
  • D. There is a speed mismatch on the interface.
Reveal Solution Hide Solution   Discussion   4

Correct Answer: B 🗳️

Community vote distribution
B (100%)

Question #94 Topic 1

Why was the RFC 1918 address space defined?

  • A. conserve public IPv4 addressing
  • B. support the NAT protocol
  • C. preserve public IPv6 address space
  • D. reduce instances of overlapping IP addresses
Reveal Solution Hide Solution   Discussion   5

Correct Answer: A 🗳️

Community vote distribution
A (100%)

Question #95 Topic 1

DRAG DROP -
Drag and drop the TCP or UDP details from the left onto their corresponding protocols on the right.
Select and Place:

Reveal Solution Hide Solution   Discussion   3

Correct Answer:

Question #96 Topic 1

DRAG DROP -
Drag and drop the IPv6 addresses from the left onto the corresponding address types on the right.
Select and Place:

Reveal Solution Hide Solution   Discussion   2

Correct Answer:
Reference:
https://learningnetwork.cisco.com/s/question/0D53i00000Kt6kl/ipv6-unique-local-addresses

Question #97 Topic 1

Which type of organization should use a collapsed-core architecture?

  • A. small and needs to reduce networking costs
  • B. large and must minimize downtime when hardware fails
  • C. large and requires a flexible, scalable network design
  • D. currently small but is expected to grow dramatically in the near future
Reveal Solution Hide Solution   Discussion   2

Correct Answer: A 🗳️
It is ideal for small companies: The collapsed core model is a reduced version of the three-tier model. The deduction was made to create a network for small and medium-sized campuses. Therefore, smaller institutions can get the advantage of using a collapsed core network while still gaining the same benefits they would if they were using a three-tier model. Small organizations often cannot afford the hardware and human resources to run the network can benefit greatly with less oversight necessary.
And reduces cost: In a traditional three-tier campus network, the core layer is typically a complex and expensive piece of hardware. This layer is eliminated with collapsed core architecture, reducing both cost and complexity.

Community vote distribution
A (100%)

Question #98 Topic 1

A network administrator is setting up a new IPv6 network using the 64-bit address 2001:0EB8:00C1:2200:0001:0000:0000:0331/64. To simplify the configuration, the administrator has decided to compress the address. Which IP address must the administrator configure?

  • A. ipv6 address 2001:EB8:C1:22:1::331/64
  • B. ipv6 address 21:EB8:C1:2200:1::331/64
  • C. ipv6 address 2001:EB8:C1:2200:1:0000:331/64
  • D. ipv6 address 2001:EB8:C1:2200:1::331/64
Reveal Solution Hide Solution   Discussion   51

Correct Answer: D 🗳️

Community vote distribution
D (100%)

Question #99 Topic 1

DRAG DROP -
Drag and drop the IPv6 addresses from the left onto the corresponding address types on the right.
Select and Place:

Reveal Solution Hide Solution   Discussion   3

Correct Answer:

Question #100 Topic 1

What is an appropriate use for private IPv4 addressing?

  • A. to allow hosts inside to communicate in both directions with hosts outside the organization
  • B. on internal hosts that stream data solely to external resources
  • C. on the public-facing interface of a firewall
  • D. on hosts that communicate only with other internal hosts
Reveal Solution Hide Solution   Discussion   2

Correct Answer: D 🗳️

Community vote distribution
D (100%)

Question #101 Topic 1


Refer to the exhibit. An engineer is configuring the HO router. Which IPv6 address configuration must be applied to the router fa0/1 interface for the router to assign a unique 64-bit IPv6 address to itself?

  • A. ipv6 address 2001:DB8:0:1:FFFF:C601:420F:7/64
  • B. ipv6 address 2001:DB8:0:1:FE80:C601:420F:7/64
  • C. ipv6 address 2001:DB8:0:1:C601:42FF:FE0F:7/64
  • D. ipv6 address 2001:DB8:0:1:C601:42FF:800F:7/64
Reveal Solution Hide Solution   Discussion   35

Correct Answer: B 🗳️

Community vote distribution
C (82%)
B (18%)

Question #102 Topic 1

What is a similarity between 1000BASE-LX and 1000BASE-T standards?

  • A. Both use the same data-link header and trailer formats.
  • B. Both cable types support RJ-45 connectors.
  • C. Both support up to 550 meters between nodes.
  • D. Both cable types support LR connectors.
Reveal Solution Hide Solution   Discussion   2

Correct Answer: A 🗳️

Community vote distribution
A (100%)

Question #103 Topic 1


Refer to the exhibit. The given Windows PC is requesting the IP address of the host at www.cisco.com. To which IP address is the request sent?

  • A. 192.168.1.253
  • B. 192.168.1.100
  • C. 192.168.1.226
  • D. 192.168.1.254
Reveal Solution Hide Solution   Discussion   6

Correct Answer: A 🗳️

Community vote distribution
A (100%)

Question #104 Topic 1

Which function forwards frames to ports that have a matching destination MAC address?

  • A. frame flooding
  • B. frame filtering
  • C. frame pushing
  • D. frame switching
Reveal Solution Hide Solution   Discussion   3

Correct Answer: D 🗳️

Community vote distribution
D (100%)

Question #105 Topic 1

Which type of IPv6 address is similar to a unicast address but is assigned to multiple devices on the same network at the same time?

  • A. global unicast address
  • B. link-local address
  • C. anycast address
  • D. multicast address
Reveal Solution Hide Solution   Discussion   6

Correct Answer: C 🗳️

Community vote distribution
C (100%)

Question #106 Topic 1

What is a characteristic of private IPv4 addressing?

  • A. composed of up to 65,536 available addresses
  • B. issued by IANA in conjunction with an autonomous system number
  • C. used without tracking or registration
  • D. traverse the Internet when an outbound ACL is applied
Reveal Solution Hide Solution   Discussion   3

Correct Answer: C 🗳️

Community vote distribution
C (100%)

Question #107 Topic 1

What is a function of an endpoint on a network?

  • A. provides wireless services to users in a building
  • B. connects server and client device to a network
  • C. allows users to record data and transmit to a file server
  • D. forwards traffic between VLANs on a network
Reveal Solution Hide Solution   Discussion   6

Correct Answer: C 🗳️
An endpoint is a remote computing device that communicates back and forth with a network to which it is connected. Examples of endpoints include:
✑ Desktops
✑ Laptops
✑ Smartphones
✑ Tablets
✑ Servers
✑ Workstations
Internet-of-things (IoT) devices

Community vote distribution
C (67%)
B (33%)

Question #108 Topic 1

What is the function of a controller in controller-based networking?

  • A. It serves as the centralized management point of an SDN architecture
  • B. It is a pair of core routers that maintain all routing decisions for a campus
  • C. It centralizes the data plane for the network
  • D. It is the card on a core router that maintains all routing decisions for a campus.
Reveal Solution Hide Solution   Discussion   5

Correct Answer: A 🗳️

Community vote distribution
A (100%)

Question #109 Topic 1


Refer to the exhibit. Each router must be configured with the last usable IP address in the subnet. Which configuration fulfills this requirement?

  • A. R7# interface FastEthernet1/0 ip address 10.88.31.127 255.255.255.192 R8# interface FastEthernet0/0 ip address 10.19.63.95 255.255.255.240 R9# interface FastEthernet1/1 ip address 10.23.98.159 255.255.255.224
  • B. R7# interface FastEthernet1/0 ip address 10.88.31.126 255.255.255.240 R8# interface FastEthernet0/0 ip address 10.19.63.94 255.255.255.192 R9# interface FastEthernet1/1 ip address 10.23.98.158 255.255.255.248
  • C. R7# interface FastEthernet1/0 ip address 10.88.31.127 255.255.255.240 R8# interface FastEthernet0/0 ip address 10.19.63.95 255.255.255.192 R9# interface FastEthernet1/1 ip address 10.23.98.159 255.255.255.248
  • D. R7# interface FastEthernet1/0 ip address 10.88.31.126 255.255.255.192 R8# interface FastEthernet0/0 ip address 10.19.63.94 255.255.255.240 R9# interface FastEthernet1/1 ip address 10.23.98.158 255.255.255.224
Reveal Solution Hide Solution   Discussion   15

Correct Answer: D 🗳️

Community vote distribution
D (83%)
B (17%)

Question #110 Topic 1

How do TCP and UDP fit into a query-responsible model?

  • A. TCP avoids using sequencing and UDP avoids using acknowledgments
  • B. TCP establishes a connection prior to sending data, and UDP sends immediately
  • C. TCP encourages out-of-order packet delivery, and UDP prevents re-ordering
  • D. TCP uses error detection for packets, and UDP uses error recovery.
Reveal Solution Hide Solution   Discussion   2

Correct Answer: B 🗳️

Community vote distribution
B (100%)

Question #111 Topic 1

What provides centralized control of authentication and roaming in an enterprise network?

  • A. a lightweight access point
  • B. a wireless LAN controller
  • C. a firewall
  • D. a LAN switch
Reveal Solution Hide Solution   Discussion   3

Correct Answer: B 🗳️

Community vote distribution
B (100%)

Question #112 Topic 1

Which set of 2 4 GHz nonoverlapping wireless channels is standard in the United States?

  • A. channels 1, 6, 11, and 14
  • B. channels 2, 7, 9, and 11
  • C. channels 2, 7, and 11
  • D. channels 1, 6, and 11
Reveal Solution Hide Solution   Discussion   2

Correct Answer: D 🗳️

Question #113 Topic 1

A network engineer is installing an IPv6-only capable device. The client has requested that the device IP address be reachable only from the internal network.
Which type of IPv6 address must the engineer assign?

  • A. IPv4-compatible IPv6 address
  • B. unique local address
  • C. link-local address
  • D. aggregatable global address
Reveal Solution Hide Solution   Discussion   33

Correct Answer: C 🗳️

Community vote distribution
B (97%)
3%

Question #114 Topic 1

What is a requirement for nonoverlapping Wi-Fi channels?

  • A. different security settings
  • B. discontinuous frequency ranges
  • C. unique SSIDs
  • D. different transmission speeds
Reveal Solution Hide Solution   Discussion   5

Correct Answer: B 🗳️

Community vote distribution
B (100%)

Question #115 Topic 1

A network engineer must implement an IPv6 configuration on the vlan 2000 interface to create a routable locally-unique unicast address that is blocked from being advertised to the internet. Which configuration must the engineer apply?

  • A. interface vlan 2000 ipv6 address ff00:0000:aaaa::1234:2343/64
  • B. interface vlan 2000 ipv6 address fd00::1234:2343/64
  • C. interface vlan 2000 ipv6 address fe80:0000:aaaa::1234:2343/64
  • D. interface vlan 2000 ipv6 address fc00:0000:aaaa::a15d:1234:2343:8aca/64
Reveal Solution Hide Solution   Discussion   36

Correct Answer: D 🗳️

Community vote distribution
B (85%)
D (15%)

Question #116 Topic 1

What are two characteristics of an SSID? (Choose two.)

  • A. It uniquely identifies a client in a WLAN.
  • B. It is at most 32 characters long
  • C. It uniquely identifies an access point in a WLAN
  • D. It provides secured access to a WLAN.
  • E. It can be hidden or broadcast in a WLAN.
Reveal Solution Hide Solution   Discussion   27

Correct Answer: CD 🗳️

Community vote distribution
BE (95%)
2%

Question #117 Topic 1

When a switch receives a frame for a known destination MAC address, how is the frame handled?

  • A. flooded to all ports except the one from which it originated
  • B. forwarded to the first available port
  • C. sent to the port identified for the known MAC address
  • D. broadcast to all ports
Reveal Solution Hide Solution   Discussion   6

Correct Answer: C 🗳️

Community vote distribution
C (100%)

Question #118 Topic 1

DRAG DROP -
Drag and drop the IPv6 address details from the left onto the corresponding types on the right.
Select and Place:

Reveal Solution Hide Solution   Discussion   5

Correct Answer:

Question #119 Topic 1

What is the collapsed layer in collapsed core architectures?

  • A. Core and distribution
  • B. access and WAN
  • C. distribution and access
  • D. core and WAN
Reveal Solution Hide Solution   Discussion   3

Correct Answer: A 🗳️

Community vote distribution
A (100%)

Question #120 Topic 1

What is a characteristic of a SOHO network?

  • A. includes at least three tiers of devices to provide load balancing and redundancy
  • B. connects each switch to every other switch in the network
  • C. enables multiple users to share a single broadband connection
  • D. provides high throughput access for 1000 or more users
Reveal Solution Hide Solution   Discussion   2

Correct Answer: C 🗳️

Community vote distribution
C (100%)

Question #121 Topic 1

What is the role of disaggregation in controller-based networking?

  • A. It divides the control-plane and data-plane functions.
  • B. It streamlines traffic handling by assigning individual devices to perform either Layer 2 or Layer 3 functions
  • C. It summarizes the routes between the core and distribution layers of the network topology
  • D. It enables a network topology to quickly adjust from a ring network to a star network
Reveal Solution Hide Solution   Discussion   6

Correct Answer: A 🗳️

Community vote distribution
A (100%)

Question #122 Topic 1

What is a function performed by a web server?

  • A. send and retrieve email from client devices
  • B. securely store files for FTP access
  • C. authenticate and authorize a user's identity
  • D. provide an application that is transmitted over HTTP
Reveal Solution Hide Solution   Discussion   2

Correct Answer: D 🗳️

Community vote distribution
D (100%)

Question #123 Topic 1


Refer to the exhibit. Site A was recently connected to site B over a new single-mode fiber path. Users at site A report intermittent connectivity issues with applications hosted at site B. What is the reason for the problem?

  • A. Physical network errors are being transmitted between the two sites.
  • B. Heavy usage is causing high latency.
  • C. The wrong cable type was used to make the connection.
  • D. An incorrect type of transceiver has been inserted into a device on the link
Reveal Solution Hide Solution   Discussion   9

Correct Answer: D 🗳️

Community vote distribution
D (100%)

Question #124 Topic 1

Which protocol uses the SSL?

  • A. SSH
  • B. HTTPS
  • C. HTTP
  • D. Telnet
Reveal Solution Hide Solution   Discussion   3

Correct Answer: B 🗳️

Community vote distribution
B (100%)

Question #125 Topic 1

Why is UDP more suitable than TCP for applications that require low latency such as VoIP?

  • A. UDP reliably guarantees delivery of all packets: TCP drops packets under heavy load
  • B. UDP uses sequencing data for packets to arrive in order TCP offers the capability to receive packets in random order
  • C. TCP uses congestion control for efficient packet delivery: UDP uses flow control mechanisms for the delivery of packets
  • D. TCP sends an acknowledgement for every packet received: UDP operates without acknowledgments
Reveal Solution Hide Solution   Discussion   5

Correct Answer: D 🗳️

Community vote distribution
D (100%)

Question #126 Topic 1

What are the two functions of SSIDs? (Choose two.)

  • A. uses the maximum of 32 alphanumeric characters
  • B. controls the speed of the Wi-Fi network
  • C. used exclusively with controller-based Wi-Fi networks
  • D. supports a single access point
  • E. broadcasts by default
Reveal Solution Hide Solution   Discussion   15

Correct Answer: AD 🗳️
The SSID is a unique identifier that wireless networking devices use to establish and maintain wireless connectivity. The SSID can consist of up to 32 alphanumeric, case-sensitive, characters. Wireless clients connect using the SSID for secure communications. The SSID is a unique token that identifies an
802.11 wireless network. It is used by wireless devices to identify a network and to establish and maintain wireless connectivity. An SSID must be configured and assigned to a wireless client device interface before the device can associate with an access point.

Community vote distribution
AE (97%)
1%

Question #127 Topic 1

Which two characteristics describe the access layer in a three-tier network architecture? (Choose two.)

  • A. serves as the network aggregation point
  • B. physical connection point for a LAN printer
  • C. designed to meet continuous redundant uptime requirements
  • D. layer at which a wireless access point connects to the wired network
  • E. provides a boundary between Layer 2 and Layer 3 communications
Reveal Solution Hide Solution   Discussion   15

Correct Answer: BD 🗳️
The Access Layer is the one closer to the users. In fact, at this layer, we find the users themselves and the access-layer switches. The main purpose of this layer is to physically connect users to the network. In other words, there is just a cable between end-user PCs, printers, and wireless access points and access-layer switches.

Community vote distribution
BD (78%)
AE (22%)

Question #128 Topic 1

Which PoE mode enables powered-devices detection and guarantees power when the device detected?

  • A. auto
  • B. static
  • C. dynamic
  • D. active
Reveal Solution Hide Solution   Discussion   37

Correct Answer: A 🗳️

Community vote distribution
B (62%)
A (35%)
3%

Question #129 Topic 1


Refer to the exhibit. The router has been configured with a super net to accommodate the requirements for 380 users on a Subnet. The requirement already considers 30% future growth. Which configuration verifies the IP subnet on router R4?

  • A. Subnet: 10.7.54.0 Subnet mask: 255.255.128.0 Broadcast address: 10.5.55.255 Usable IP address range: 10.7.54.1 ג€" 10.7.55.254
  • B. Subnet: 10.7.54.0 Subnet mask: 255.255.255.0 Broadcast address: 10.7.54.255 Usable IP address range: 10.7.54.1 ג€" 10.7.55.254
  • C. Subnet: 10.7.54.0 Subnet mask: 255.255.254.0 Broadcast address: 10.7.54.255 Usable IP address range: 10.7.54.1 ג€" 10.7.55.254
  • D. Subnet: 10.7.54.0 Subnet mask: 255.255.254.0 Broadcast address: 10.7.55.255 Usable IP address range: 10.7.54.1 ג€" 10.7.55.254
Reveal Solution Hide Solution   Discussion   8

Correct Answer: D 🗳️

Community vote distribution
D (100%)

Question #130 Topic 1


Refer to the exhibit. Configurations for the switch and PCs are complete. Which configuration must be applied so that VLANs 2 and 3 communicate back and forth?

  • A. interface GigabitEthernet0/0 ip address 10.10.2.10 255.255.252.0
  • B. interface GigabitEthernet0/0.10 encapsulation dot1Q 3 ip address 10.10.2.10 255.255.254.0
  • C. interface GigabitEthernet0/0.3 encapsulation dot1Q 3 native ip address 10.10.2.10 255.255.252.0
  • D. interface GigabitEthernet0/0.3 encapsulation dot1Q 10 ip address 10.10.2.10 255.255.255.252
Reveal Solution Hide Solution   Discussion   3

Correct Answer: B 🗳️

Community vote distribution
B (100%)

Question #131 Topic 1

DRAG DROP -
Drag and drop the IPv6 address type characteristics from the left to the right.
Select and Place:

Reveal Solution Hide Solution   Discussion   10

Correct Answer:

Question #132 Topic 1

DRAG DROP -

Refer to the exhibit. The IP address configurations must be completed on the DC-1 and HQ-1 routers based on these requirements:
✑ DC-1 Gi1/0 must be the last usable address on a /30
✑ DC-1 Gi1/1 must be the first usable address on a /29
✑ DC-1 Gi1/2 must be the last usable address on a /28
✑ HQ-1 Gi1/3 must be the last usable address on a /29
Drag and drop the commands from the left onto the destination interfaces on the right. Not all commands are used.
Select and Place:

Reveal Solution Hide Solution   Discussion   12

Correct Answer:

Question #133 Topic 1

How is RFC 1918 addressing used in a network?

  • A. They are used to access the Internet from the internal network without conversion.
  • B. They are used in place of public addresses for Increased security.
  • C. They are used with NAT to preserve public IPv4 addresses.
  • D. They are used by Internet Service Providers to route over the Internet.
Reveal Solution Hide Solution   Discussion   4

Correct Answer: C 🗳️

Community vote distribution
C (100%)

Question #134 Topic 1

DRAG DROP -
Drag and drop the IPv6 address types from the left onto their descriptions on the right.
Select and Place:

Reveal Solution Hide Solution   Discussion   13

Correct Answer:

Question #135 Topic 1


Refer to the exhibit. What is a reason for poor performance on the network interface?

  • A. The interface is receiving excessive broadcast traffic.
  • B. The bandwidth setting of the interface is misconfigured.
  • C. The cable connection between the two devices is faulty.
  • D. The interface is operating at a different speed than the connected device.
Reveal Solution Hide Solution   Discussion   4

Correct Answer: C 🗳️
Here we see a large number of input errors and CRC errors.

Community vote distribution
C (100%)

Question #136 Topic 1

DRAG DROP -
Drag and drop the IPv6 address descriptions from the left onto the IPv6 address types on the right. Not all options are used.
Select and Place:

Reveal Solution Hide Solution   Discussion   8

Correct Answer:

Question #137 Topic 1

DRAG DROP -
Drag and drop the IPv6 addresses from the left onto the corresponding address types on the right.
Select and Place:

Reveal Solution Hide Solution   Discussion   1

Correct Answer:

Question #138 Topic 1

Which WAN topology has the highest degree of reliability?

  • A. point-to-point
  • B. router-on-a-stick
  • C. full mesh
  • D. hub-and-spoke
Reveal Solution Hide Solution   Discussion   5

Correct Answer: C 🗳️

Community vote distribution
C (100%)

Question #139 Topic 1

DRAG DROP -
Drag and drop the IPv6 address type characteristics from the left to the right.
Select and Place:

Reveal Solution Hide Solution   Discussion   5

Correct Answer:

Question #140 Topic 1

What causes a port to be placed in the err-disabled state?

  • A. nothing plugged into the port
  • B. link flapping
  • C. latency
  • D. shutdown command issued on the port
Reveal Solution Hide Solution   Discussion   3

Correct Answer: B 🗳️

Community vote distribution
B (100%)

Question #141 Topic 1

DRAG DROP -
Drag and drop the characteristics of transport layer protocols from the left onto the corresponding protocols on the right.
Select and Place:

Reveal Solution Hide Solution   Discussion   1

Correct Answer:

Question #142 Topic 1

A network engineer must configure an interface with IP address 10.10.10.145 and a subnet mask equivalent to 11111111.11111111.11111111.11111000. Which subnet mask must the engineer use?

  • A. /29
  • B. /30
  • C. /27
  • D. /28
Reveal Solution Hide Solution   Discussion   11

Correct Answer: A 🗳️

Community vote distribution
A (94%)
6%

Question #143 Topic 1


Refer to the exhibit. The switches are connected via a Cat5 Ethernet cable that is tested successfully. The interfaces are configured as access ports and are both in a down status. What is the cause of the issue?

  • A. The speed settings on the switches are mismatched
  • B. The distance between the two switches is not supported by Cat5
  • C. The switches are configured with incompatible duplex settings
  • D. The portfast command is missing from the configuration
Reveal Solution Hide Solution   Discussion   3

Correct Answer: A 🗳️

Community vote distribution
A (100%)

Question #144 Topic 1

Which two IP addressing schemes provide internet access to users on the network while preserving the public IPv4 address space? (Choose two.)

  • A. IPv6 addressing
  • B. PAT with private internal addressing
  • C. single public Class A network
  • D. private networks only
  • E. custom addresses from ARIN
Reveal Solution Hide Solution   Discussion   11

Correct Answer: AB 🗳️
PAT with private internal addressing is the usual method of allowing Internet access while preserving IPv4 addresses. Another alternative is using IPV6, which will allow internet access without using any IPv4 addresses. The other answer choices will consume a great deal of public IPV4 addresses, or will not allow for internet access.

Community vote distribution
AB (61%)
BE (35%)
4%

Question #145 Topic 1

The address block 192.168.32.0/24 must be subnetted into smaller networks. The engineer must meet these requirements:
✑ Create 8 new subnets.
✑ Each subnet must accommodate 30 hosts.
✑ Interface VLAN 10 must use the last usable IP in the first new subnet.
✑ A Layer 3 interface is used.
Which configuration must be applied to the interface?

  • A. no switchport mode trunk ip address 192.168.32.97 255.255.255.224
  • B. switchport ip address 192.168.32.65 255.255.255.240
  • C. no switchport ip address 192.168.32.30 255.255.255.224
  • D. no switchport mode access ip address 192.168.32.62 255.255.255.240
Reveal Solution Hide Solution   Discussion   7

Correct Answer: C 🗳️

Community vote distribution
C (100%)

Question #146 Topic 1

DRAG DROP -
Drag and drop the TCP or UDP details from the left onto their corresponding protocols on the right.
Select and Place:

Reveal Solution Hide Solution   Discussion   3

Correct Answer:

Question #147 Topic 1

What are two reasons to deploy private addressing on a network? (Choose two.)

  • A. to subnet addresses in an organized hierarchy
  • B. to reduce network maintenance costs
  • C. to segment local IP addresses from the global routing table
  • D. to hide sensitive data from access users within an enterprise
  • E. to route protected data securely via an Internet service provider
Reveal Solution Hide Solution   Discussion   18

Correct Answer: AC 🗳️

Community vote distribution
BC (64%)
AD (29%)
7%

Question #148 Topic 1

DRAG DROP -
Drag and drop the IPv6 DNS record types from the left onto the description on the right.
Select and Place:

Reveal Solution Hide Solution   Discussion   10

Correct Answer:

Question #149 Topic 1

Which property is shared by 10GBase-SR and 10GBase-LR interfaces?

  • A. Both use the single-mode fiber type.
  • B. Both require UTP cable media for transmission.
  • C. Both require fiber cable media for transmission.
  • D. Both use the multimode fiber type.
Reveal Solution Hide Solution   Discussion   2

Correct Answer: C 🗳️

Community vote distribution
C (100%)

Question #150 Topic 1

DRAG DROP -
Drag and drop the IPv6 addresses from the left onto the corresponding address types on the right.
Select and Place:

Reveal Solution Hide Solution   Discussion   2

Correct Answer:

Question #151 Topic 1

Which device permits or denies network traffic based on a set of rules?

  • A. switch
  • B. firewall
  • C. wireless controller
  • D. access point
Reveal Solution Hide Solution   Discussion   4

Correct Answer: B 🗳️

Question #152 Topic 1

What is the role of a firewall in an enterprise network?

  • A. determines which packets are allowed to cross from unsecured to secured networks
  • B. processes unauthorized packets and allows passage to less secure segments of the network
  • C. forwards packets based on stateless packet inspection
  • D. explicitly denies all packets from entering an administrative domain
Reveal Solution Hide Solution   Discussion   1

Correct Answer: A 🗳️

Community vote distribution
A (100%)

Question #153 Topic 1

DRAG DROP -
Refer to the exhibit.

An engineer is tasked with verifying network configuration parameters on a client workstation to report back to the team lead. Drag and drop the node identifiers from the left onto the network parameters on the right.
Select and Place:

Reveal Solution Hide Solution   Discussion   5

Correct Answer:

Question #154 Topic 1

DRAG DROP -
Drag and drop the DNS lookup components from the left onto the functions on the right.
Select and Place:

Reveal Solution Hide Solution   Discussion   2

Correct Answer:

Question #155 Topic 1

DRAG DROP -
Drag and drop the TCP or UDP details from the left onto their corresponding protocols on the right.
Select and Place:

Reveal Solution Hide Solution   Discussion   1

Correct Answer:

Question #156 Topic 1


Refer to the exhibit. An IP subnet must be configured on each router that provides enough addresses for the number of assigned hosts and anticipates no more than 10% growth for new hosts. Which configuration script must be used?
A.

B.

C.

D.

Reveal Solution Hide Solution   Discussion   5

Correct Answer: C

Question #157 Topic 1

Which action is taken by a switch port enabled for PoE power classification override?

  • A. As power usage on a PoE switch port is checked data flow to the connected device is temporarily paused
  • B. When a powered device begins drawing power from a PoE switch port, a syslog message is generated
  • C. If a switch determines that a device is using less than the minimum configured power, it assumes the device has failed and disconnects it
  • D. Should a monitored port exceed the maximum administrative value for power, the port is shut down and err-disabled
Reveal Solution Hide Solution   Discussion   1

Correct Answer: D 🗳️

Question #158 Topic 1

What is a function spine-and-leaf architecture?

  • A. Offers predictable latency of the traffic path between end devices.
  • B. Exclusively sends multicast traffic between servers that are directly connected to the spine.
  • C. Mitigates oversubscription by adding a layer of leaf switches.
  • D. Limits payload size of traffic within the leaf layer.
Reveal Solution Hide Solution   Discussion   2

Correct Answer: A 🗳️
With a spine-and-leaf architecture, no matter which leaf switch to which a server is connected, its traffic always has to cross the same number of devices to get to another server (unless the other server is located on the same leaf). This approach keeps latency at a predictable level because a payload only has to hop to a spine switch and another leaf switch to reach its destination.
Reference:
https://www.cisco.com/c/en/us/products/collateral/switches/nexus-7000-series-switches/white-paper-c11-737022.html

Community vote distribution
A (100%)

Question #159 Topic 1

Which action is taken by the data plane within a network device?

  • A. Constructs a routing table based on a routing protocol.
  • B. Forwards traffic to the next hop.
  • C. Looks up an egress interface in the forwarding information base.
  • D. Provides CLI access to the network device.
Reveal Solution Hide Solution   Discussion   6

Correct Answer: B 🗳️

Community vote distribution
B (83%)
C (17%)

Question #160 Topic 1

What is the function of the control plane?

  • A. It exchanges routing table information.
  • B. It provides CLI access to the network device.
  • C. It looks up an egress interface in the forwarding information base.
  • D. It forwards traffic to the next hop.
Reveal Solution Hide Solution   Discussion   2

Correct Answer: A 🗳️

Community vote distribution
A (100%)

Question #161 Topic 1

Which two cable types must be used to connect an access point to the WLC when 2.5-Gbps and 5-Gbps upload speeds are required? (Choose two.)

  • A. 10GBASE-T
  • B. 1000BASE-LX/LH
  • C. Cat 5e
  • D. Cat 5
  • E. Cat 3
Reveal Solution Hide Solution   Discussion   9

Correct Answer: AC 🗳️

Community vote distribution
C (50%)
AC (50%)

Question #162 Topic 1

What is a benefit for external users who consume public cloud resources?

  • A. Implemented over a dedicated WAN
  • B. All hosted on physical servers
  • C. Accessed over the Internet
  • D. Located in the same data center as the users
Reveal Solution Hide Solution   Discussion   5

Correct Answer: C 🗳️

Community vote distribution
C (100%)

Question #163 Topic 1

An engineer must update the configuration on two PCs in two different subnets to communicate locally with each other. One PC is configured with IP address
192.168.25.128/25 and the other with 192.168.25.100/25. Which network mask must the engineer configure on both PCs to enable the communication?

  • A. 255.255.255.248
  • B. 255.255.255.224
  • C. 255.255.255.0
  • D. 255.255.255.252
Reveal Solution Hide Solution   Discussion   12

Correct Answer: C 🗳️

Community vote distribution
C (100%)

Question #164 Topic 1

Which key function is provided by the data plane?

  • A. Originating packets
  • B. Exchanging routing table data
  • C. Making routing decisions
  • D. Forwarding traffic to the next hop
Reveal Solution Hide Solution   Discussion   4

Correct Answer: D 🗳️

Community vote distribution
D (100%)

Question #165 Topic 1

When should an engineer implement a collapsed-core architecture?

  • A. Only when using VSS technology
  • B. For small networks with minimal need for growth
  • C. For large networks that are connected to multiple remote sites
  • D. The access and distribution layers must be on the same device
Reveal Solution Hide Solution   Discussion   1

Correct Answer: B 🗳️

Community vote distribution
B (100%)

Question #166 Topic 1


Refer to the exhibit. An engineer assigns IP addressing to the current VLAN with three PCs. The configuration must also account for the expansion of 30 additional
VLANS using the same Class C subnet for subnetting and host count. Which command set fulfills the request while reserving address space for the expected growth?

  • A. Switch(config)#interface vlan 10 Switch(config-if)#ip address 192.168.0.1 265 255.255.252
  • B. Switch(config)#interface vlan 10 Switch(config-if)#ip address 192.168.0.1 255 255.255.248
  • C. Switch(config)#interface vlan 10 Switch(config-if)#ip address 192.168.0.1 255 255.255.0
  • D. Switch(config)#interface vlan 10 Switch(config-if)#ip address 192.168.0.1 255.255.255.128
Reveal Solution Hide Solution   Discussion   12

Correct Answer: B 🗳️

Community vote distribution
B (78%)
A (22%)

Question #167 Topic 1

A client experiences slow throughput from a server that is directly connected to the core switch in a data center. A network engineer finds minimal latency on connections to the server, but data transfers are unreliable, and the output of the show interfaces counters errors command shows a high FCS-Err count on the interface that is connected to the server. What is the cause of the throughput issue?

  • A. a physical cable fault
  • B. a speed mismatch
  • C. high bandwidth usage
  • D. a cable that is too long
Reveal Solution Hide Solution   Discussion   12

Correct Answer: A 🗳️

Community vote distribution
A (92%)
8%

Question #168 Topic 1

What is the difference between 1000BASE-LX/LH and 1000BASE-ZX interfaces?

  • A. 1000BASE-LX/LH interoperates with multimode and single-mode fiber, and 1000BASE-ZX needs a conditioning patch cable with multimode.
  • B. 1000BASE-ZX interoperates with dual-rate 100M/1G 10Km SFP over multimode fiber, and 1000BASE-LX/LH supports only single-rate
  • C. 1000BASE-ZX is supported on links up to 1000km, and 1000BASE-LX/LH operates over links up to 70 km
  • D. 1000BASE- LX/LH is supported on links up to 10km, and 1000Base-ZX operates over links up to 70 km
Reveal Solution Hide Solution   Discussion   9

Correct Answer: D 🗳️

Community vote distribution
D (100%)

Question #169 Topic 1

What are two reasons to implement IPv4 private addressing on a network? (Choose two.)

  • A. To enable internal applications to treat the private IPv4 addresses as unique
  • B. To facilitate renumbering when merging networks
  • C. To expand the routing table on the router
  • D. To provide protection from external denial-of-service attacks
  • E. To conserve global unique IPv4 addresses
Reveal Solution Hide Solution   Discussion   23

Correct Answer: DE 🗳️

Community vote distribution
AE (63%)
DE (27%)
10%

Question #170 Topic 1

Which concern is addressed with the use of private IPv4 addressing?

  • A. Lack of routing protocol support for CIDR and VLSM
  • B. Lack of security protocols at the network perimeter
  • C. Lack of available TCP/UDP ports per IPv5 address
  • D. Lack of available publicly routable unique IPv4 address
Reveal Solution Hide Solution   Discussion   1

Correct Answer: D 🗳️

Community vote distribution
D (100%)

Question #171 Topic 1

What is the path for traffic sent from one user workstation to another workstation on a separate switch in a three-tier architecture model?

  • A. access ג€" core ג€" access
  • B. access ג€" distribution ג€" distribution ג€" access
  • C. access ג€" core ג€" distribution ג€" access
  • D. access ג€" distribution ג€" core ג€" distribution ג€" access
Reveal Solution Hide Solution   Discussion   23

Correct Answer: D 🗳️

Community vote distribution
D (78%)
B (22%)

Question #172 Topic 1

What is the difference between IPv6 unicast and anycast addressing?

  • A. An individual IPv6 unicast address is supported on a single interface on one node, but an IPv6 anycast address is assigned to a group of interfaces on multiple nodes.
  • B. IPv6 anycast nodes must be explicitly configured to recognize the anycast address, but IPv6 unicast nodes require no special configuration.
  • C. IPv6 unicast nodes must be explicitly configured to recognize the unicast address, but IPv6 anycast nodes require no special configuration.
  • D. Unlike an IPv6 anycast address, an IPv6 unicast address is assigned to a group of interfaces on multiple nodes.
Reveal Solution Hide Solution   Discussion   5

Correct Answer: A 🗳️

Community vote distribution
A (100%)

Question #173 Topic 1


Refer to the exhibit. Between which zones do wireless users expect to experience intermittent connectivity?

  • A. between zones 1 and 2
  • B. between zones 2 and 5
  • C. between zones 3 and 4
  • D. between zones 3 and 6
Reveal Solution Hide Solution   Discussion   16

Correct Answer: C 🗳️

Community vote distribution
C (100%)

Question #174 Topic 1

Which WAN topology provides a combination of simplicity quality, and availability?

  • A. partial mesh
  • B. full mesh
  • C. point-to-point
  • D. hub-and-spoke
Reveal Solution Hide Solution   Discussion   25

Correct Answer: C 🗳️

Community vote distribution
C (39%)
A (39%)
D (22%)

Question #175 Topic 1

DRAG DROP -
Drag and drop the statements about wireless architectures from the left onto the architectures on the right.
Select and Place:

Reveal Solution Hide Solution   Discussion   5

Correct Answer:

Question #176 Topic 1

DRAG DROP -
Drag and drop the Wi-Fi terms from the left onto the descriptions on the right.
Select and Place:

Reveal Solution Hide Solution   Discussion   16

Correct Answer:

Question #177 Topic 1

How are the switches in a spine-and-leaf topology interconnected?

  • A. Each leaf switch is connected to one of the spine switches
  • B. Each leaf switch is connected to each spine switch.
  • C. Each leaf switch is connected to two spine switches, making a loop.
  • D. Each leaf switch is connected to a central leaf switch, then uplinked to a core spine switch.
Reveal Solution Hide Solution   Discussion   9

Correct Answer: B 🗳️

Community vote distribution
B (83%)
C (17%)

Question #178 Topic 1

What is the primary effect of the spanning-tree portfast command?

  • A. It immediately enables the port in the listening state.
  • B. It immediately puts the port into the forwarding state when the switch is reloaded.
  • C. It enables BPDU messages.
  • D. It minimizes spanning-tree convergence time.
Reveal Solution Hide Solution   Discussion   56

Correct Answer: D 🗳️
Reference:
https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3560/software/release/12-2_55_se/configuration/guide/3560_scg/swstpopt.html

Community vote distribution
D (58%)
B (42%)

Question #179 Topic 1

What occurs when PortFast is enabled on an interface that is connected to another switch?

  • A. Root port choice and spanning-tree recalculation are accelerated when a switch link goes down.
  • B. After spanning-tree converges, PortFast shuts down any port that receives BPDUs.
  • C. VTP is allowed to propagate VLAN configuration information from switch to switch automatically.
  • D. Spanning-tree fails to detect a switching loop increasing the likelihood of broadcast storms.
Reveal Solution Hide Solution   Discussion   6

Correct Answer: D 🗳️
Enabling the PortFast feature causes a switch or a trunk port to enter the STP forwarding-state immediately or upon a linkup event, thus bypassing the listening and learning states.
Note: To enable portfast on a trunk port you need the trunk keyword ג€spanning-tree portfast trunkג€

Community vote distribution
D (100%)

Question #180 Topic 1

Which QoS Profile is selected in the GUI when configuring a voice over WLAN deployment?

  • A. Platinum
  • B. Bronze
  • C. Gold
  • D. Silver
Reveal Solution Hide Solution   Discussion   7

Correct Answer: A 🗳️
Cisco Unified Wireless Network solution WLANs support four levels of QoS: Platinum/Voice, Gold/Video, Silver/Best Effort (default), and Bronze/Background.
Reference:
https://www.cisco.com/c/en/us/td/docs/wireless/controller/7-4/configuration/guides/consolidated/b_cg74_CONSOLIDATED/ b_cg74_CONSOLIDATED_chapter_01010111.html

Question #181 Topic 1


Refer to the exhibit. Which switch in this configuration will be elected as the root bridge?

SW1: 0C:E0:38:41:86:07 -

SW2: 0C:0E:15:22:05:97 -

SW3: 0C:0E:15:1A:3C:9D -

SW4: 0C:E0:18:A1:B3:19 -

  • A. SW1
  • B. SW2
  • C. SW3
  • D. SW4
Reveal Solution Hide Solution   Discussion   22

Correct Answer: C 🗳️

Community vote distribution
C (100%)

Question #182 Topic 1

DRAG DROP -

Refer to the exhibit. An engineer is required to verify that the network parameters are valid for the users' wireless LAN connectivity on a /24 subnet. Drag and drop the values from the left onto the network parameters on the right. Not all values are used.
Select and Place:

Reveal Solution Hide Solution   Discussion   5

Correct Answer:

Question #183 Topic 1

An engineer needs to configure LLDP to send the port description type length value (TLV). Which command sequence must be implemented?

  • A. switch(config-if)#lldp port-description
  • B. switch#lldp port-description
  • C. switch(config-line)#lldp port-description
  • D. switch(config)#lldp port-description
Reveal Solution Hide Solution   Discussion   15

Correct Answer: D 🗳️

Question #184 Topic 1


Refer to the exhibit. Which switch becomes the root bridge?

  • A. S1
  • B. S2
  • C. S3
  • D. S4
Reveal Solution Hide Solution   Discussion   12

Correct Answer: B 🗳️

Community vote distribution
B (100%)

Question #185 Topic 1

Which configuration ensures that the switch is always the root for VLAN 750?

  • A. Switch(config)#spanning-tree vlan 750 priority 38418607
  • B. Switch(config)#spanning-tree vlan 750 priority 0
  • C. Switch(config)#spanning-tree vlan 750 root primary
  • D. Switch(config)#spanning-tree vlan 750 priority 614440
Reveal Solution Hide Solution   Discussion   108

Correct Answer: C 🗳️

Community vote distribution
B (76%)
C (24%)

Question #186 Topic 1


Refer to the exhibit. After the switch configuration, the ping test fails between PC A and PC B. Based on the output for switch 1, which error must be corrected?

  • A. The PCs are in the incorrect VLAN.
  • B. All VLANs are not enabled on the trunk.
  • C. Access mode is configured on the switch ports.
  • D. There is a native VLAN mismatch.
Reveal Solution Hide Solution   Discussion   28

Correct Answer: D 🗳️

Community vote distribution
D (100%)

Question #187 Topic 1

DRAG DROP -
Drag and drop the WLAN components from the left onto the correct descriptions on the right.
Select and Place:

Reveal Solution Hide Solution   Discussion   6

Correct Answer:
The service port can be used management purposes, primarily for out-of-band management. However, AP management traffic is not possible across the service port. In most cases, the service port is used as a ג€last resortג€ means of accessing the controller GUI for management purposes. For example, in the case where the system distribution ports on the controller are down or their communication to the wired network is otherwise degraded.
A dynamic interface with the Dynamic AP Management option enabled is used as the tunnel source for packets from the controller to the access point and as the destination for CAPWAP packets from the access point to the controller.
The virtual interface is used to support mobility management, Dynamic Host Configuration Protocol (DHCP) relay, and embedded Layer 3 security such as guest web authentication. It also maintains the DNS gateway host name used by Layer 3 security and mobility managers to verify the source of certificates when Layer 3 web authorization is enabled.
Reference:
https://www.cisco.com/c/en/us/td/docs/wireless/controller/8-5/config-guide/b_cg85/ports_and_interfaces.html

Question #188 Topic 1

Which unified access point mode continues to serve wireless clients after losing connectivity to the Cisco Wireless LAN Controller?

  • A. local
  • B. mesh
  • C. flexconnect
  • D. sniffer
Reveal Solution Hide Solution   Discussion   4

Correct Answer: C 🗳️
In previous releases, whenever a FlexConnect access point disassociates from a controller, it moves to the standalone mode. The clients that are centrally switched are disassociated. However, the FlexConnect access point continues to serve locally switched clients. When the FlexConnect access point rejoins the controller (or a standby controller), all clients are disconnected and are authenticated again. This functionality has been enhanced and the connection between the clients and the FlexConnect access points are maintained intact and the clients experience seamless connectivity. When both the access point and the controller have the same configuration, the connection between the clients and APs is maintained.
Reference:
https://www.cisco.com/c/en/us/td/docs/wireless/controller/7-4/configuration/guides/consolidated/b_cg74_CONSOLIDATED/ b_cg74_CONSOLIDATED_chapter_010001101.html

Community vote distribution
C (100%)

Question #189 Topic 1


Refer to the exhibit. Which command provides this output?

  • A. show ip route
  • B. show cdp neighbor
  • C. show ip interface
  • D. show interface
Reveal Solution Hide Solution   Discussion   6

Correct Answer: B 🗳️

Question #190 Topic 1

Which mode must be used to configure EtherChannel between two switches without using a negotiation protocol?

  • A. active
  • B. on
  • C. auto
  • D. desirable
Reveal Solution Hide Solution   Discussion   10

Correct Answer: B 🗳️
The Static Persistence (or ג€onג€ mode) bundles the links unconditionally and no negotiation protocol is used. In this mode, neither PAgP nor LACP packets are sent or received.

Question #191 Topic 1

Which mode allows access points to be managed by Cisco Wireless LAN Controllers?

  • A. bridge
  • B. lightweight
  • C. mobility express
  • D. autonomous
Reveal Solution Hide Solution   Discussion   3

Correct Answer: B 🗳️
A Lightweight Access Point (LAP) is an AP that is designed to be connected to a wireless LAN (WLAN) controller (WLC). APs are ג€lightweight,ג€ which means that they cannot act independently of a wireless LAN controller (WLC). The WLC manages the AP configurations and firmware. The APs are ג€zero touchג€ deployed, and individual configuration of APs is not necessary.

Question #192 Topic 1

Which two values or settings must be entered when configuring a new WLAN in the Cisco Wireless LAN Controller GUI? (Choose two.)

  • A. QoS settings
  • B. IP address of one or more access points
  • C. SSID
  • D. profile name
  • E. management interface settings
Reveal Solution Hide Solution   Discussion   14

Correct Answer: CD 🗳️

Question #193 Topic 1

Which command is used to specify the delay time in seconds for LLDP to initialize on any interface?

  • A. lldp timer
  • B. lldp tlv-select
  • C. lldp reinit
  • D. lldp holdtime
Reveal Solution Hide Solution   Discussion   3

Correct Answer: C 🗳️
ג€¢ lldp holdtime seconds: Specify the amount of time a receiving device should hold the information from your device before discarding it
ג€¢ lldp reinit delay: Specify the delay time in seconds for LLDP to initialize on an interface
ג€¢ lldp timer rate: Set the sending frequency of LLDP updates in seconds
Reference:
https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3560/software/release/12-2_55_se/configuration/guide/3560_scg/swlldp.html

Question #194 Topic 1


Refer to the exhibit. How does SW2 interact with other switches in this VTP domain?

  • A. It transmits and processes VTP updates from any VTP clients on the network on its trunk ports.
  • B. It processes VTP updates from any VTP clients on the network on its access ports.
  • C. It receives updates from all VTP servers and forwards all locally configured VLANs out all trunk ports.
  • D. It forwards only the VTP advertisements that it receives on its trunk ports.
Reveal Solution Hide Solution   Discussion   18

Correct Answer: D 🗳️
The VTP mode of SW2 is transparent so it only forwards the VTP updates it receives to its trunk links without processing them.
Reference:
https://www.cisco.com/c/en/us/support/docs/lan-switching/vtp/10558-21.html

Community vote distribution
D (100%)

Question #195 Topic 1


Refer to the exhibit. Based on the LACP neighbor status, in which mode is the SW1 port channel configured?

  • A. mode on
  • B. active
  • C. passive
  • D. auto
Reveal Solution Hide Solution   Discussion   24

Correct Answer: B 🗳️
From the neighbor status, we notice the ג€Flagsג€ are SP. ג€Pג€ here means the neighbor is in Passive mode. In order to create an Etherchannel interface, the (local)
SW1 ports should be in Active mode. Moreover, the ג€Port Stateג€ in the exhibit is ג€0x3cג€ (which equals to ג€00111100ג€³ in binary format). Bit 3 is ג€1ג€ which means the ports are synchronizing -> the ports are working so the local ports should be in Active mode.

Community vote distribution
B (71%)
C (29%)

Question #196 Topic 1

Two switches are connected and using Cisco Dynamic Trunking Protocol. SW1 is set to Dynamic Auto and SW2 is set to Dynamic Desirable. What is the result of this configuration?

  • A. The link becomes an access port.
  • B. The link is in an error disabled state.
  • C. The link is in a down state.
  • D. The link becomes a trunk port.
Reveal Solution Hide Solution   Discussion   8

Correct Answer: D 🗳️

Community vote distribution
D (100%)

Question #197 Topic 1

A Cisco IP phone receives untagged data traffic from an attached PC. Which action is taken by the phone?

  • A. It drops the traffic.
  • B. It allows the traffic to pass through unchanged.
  • C. It tags the traffic with the native VLAN.
  • D. It tags the traffic with the default VLAN.
Reveal Solution Hide Solution   Discussion   5

Correct Answer: B 🗳️
Untagged traffic from the device attached to the Cisco IP Phone passes through the phone unchanged, regardless of the trust state of the access port on the phone.
Reference:
https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst2960/software/release/12-2_40_se/configuration/guide/scg/swvoip.pdf

Community vote distribution
B (100%)

Question #198 Topic 1

Which design element is a best practice when deploying an 802.11b wireless infrastructure?

  • A. allocating nonoverlapping channels to access points that are in close physical proximity to one another
  • B. disabling TCP so that access points can negotiate signal levels with their attached wireless devices
  • C. configuring access points to provide clients with a maximum of 5 Mbps
  • D. setting the maximum data rate to 54 Mbps on the Cisco Wireless LAN Controller
Reveal Solution Hide Solution   Discussion   13

Correct Answer: A 🗳️

Community vote distribution
A (100%)

Question #199 Topic 1

Refer to the exhibit. The network administrator wants VLAN 67 traffic to be untagged between Switch 1 and Switch 2, while all other VLANs are to remain tagged.
Which command accomplishes this task?

  • A. switchport access vlan 67
  • B. switchport trunk allowed vlan 67
  • C. switchport private-vlan association host 67
  • D. switchport trunk native vlan 67
Reveal Solution Hide Solution   Discussion   9

Correct Answer: D 🗳️

Community vote distribution
D (100%)

Question #200 Topic 1

Which two command sequences must be configured on a switch to establish a Layer 3 EtherChannel with an open-standard protocol? (Choose two.)

  • A. interface GigabitEthernet0/0/1 channel-group 10 mode auto
  • B. interface GigabitEthernet0/0/1 channel-group 10 mode on
  • C. interface port-channel 10 no switchport ip address 172.16.0.1 255.255.255.0
  • D. interface GigabitEthernet0/0/1 channel-group 10 mode active
  • E. interface port-channel 10 switchport switchport mode trunk
Reveal Solution Hide Solution   Discussion   59

Correct Answer: CD 🗳️

Community vote distribution
CD (85%)
Other

Question #201 Topic 1

Refer to the exhibit. Which two commands when used together create port channel 10? (Choose two.)

  • A. int range g0/0-1 channel-group 10 mode active
  • B. int range g0/0-1 channel-group 10 mode desirable
  • C. int range g0/0-1 channel-group 10 mode passive
  • D. int range g0/0-1 channel-group 10 mode auto
  • E. int range g0/0-1 channel-group 10 mode on
Reveal Solution Hide Solution   Discussion   12

Correct Answer: AC 🗳️

Community vote distribution
A (100%)

Question #202 Topic 1

Refer to the exhibit. An administrator is tasked with configuring a voice VLAN. What is the expected outcome when a Cisco phone is connected to the
GigabitEthernet 3/1/4 port on a switch?

  • A. The phone and a workstation that is connected to the phone do not have VLAN connectivity.
  • B. The phone sends and receives data in VLAN 50, but a workstation connected to the phone sends and receives data in VLAN 1.
  • C. The phone sends and receives data in VLAN 50, but a workstation connected to the phone has no VLAN connectivity.
  • D. The phone and a workstation that is connected to the phone send and receive data in VLAN 50.
Reveal Solution Hide Solution   Discussion   13

Correct Answer: B 🗳️

Question #203 Topic 1

Refer to the exhibit. Which action is expected from SW1 when the untagged frame is received on the GigabitEthernet0/1 interface?

  • A. The frame is processed in VLAN 1
  • B. The frame is processed in VLAN 11
  • C. The frame is processed in VLAN 5
  • D. The frame is dropped
Reveal Solution Hide Solution   Discussion   6

Correct Answer: C 🗳️

Question #204 Topic 1

Which command is used to enable LLDP globally on a Cisco IOS ISR?

  • A. lldp run
  • B. lldp enable
  • C. lldp transmit
  • D. cdp run
  • E. cdp enable
Reveal Solution Hide Solution   Discussion   10

Correct Answer: A 🗳️
Link Layer Discovery Protocol (LLDP) is an industry standard protocol that allows devices to advertise, and discover connected devices, and there capabilities
(same as CDP of Cisco). To enable it on Cisco devices, we have to use this command under global configuration mode:
Sw(config)# lldp run

Question #205 Topic 1

Which command should you enter to configure an LLDP delay time of 5 seconds?

  • A. lldp timer 5000
  • B. lldp holdtime 5
  • C. lldp reinit 5000
  • D. lldp reinit 5
Reveal Solution Hide Solution   Discussion   7

Correct Answer: D 🗳️
✑ lldp holdtime seconds: Specify the amount of time a receiving device should hold the information from your device before discarding it
✑ lldp reinit delay: Specify the delay time in seconds for LLDP to initialize on an interface
✑ lldp timer rate: Set the sending frequency of LLDP updates in seconds
Reference:
https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3560/software/release/12-2_55_se/configuration/guide/3560_scg/swlldp.html

Community vote distribution
D (58%)
B (42%)

Question #206 Topic 1

In a CDP environment, what happens when the CDP interface on an adjacent device is configured without an IP address?

  • A. CDP becomes inoperable on that neighbor
  • B. CDP uses the IP address of another interface for that neighbor
  • C. CDP operates normally, but it cannot provide IP address information for that neighbor
  • D. CDP operates normally, but it cannot provide any information for that neighbor
Reveal Solution Hide Solution   Discussion   60

Correct Answer: C 🗳️
Although CDP is a Layer 2 protocol but we can check the neighbor IP address with the ג€show cdp neighbor detailג€ command. If the neighbor does not has an IP address then CDP still operates without any problem. But the IP address of that neighbor is not provided.

Community vote distribution
B (70%)
C (30%)

Question #207 Topic 1

DRAG DROP -
Drag and drop the benefits of a Cisco Wireless Lan Controller from the left onto the correct examples on the right.
Select and Place:

Reveal Solution Hide Solution   Discussion   11

Correct Answer:

Question #208 Topic 1

When configuring an EtherChannel bundle, which mode enables LACP only if a LACP device is detected?

  • A. Passive
  • B. Desirable
  • C. On
  • D. Auto
  • E. Active
Reveal Solution Hide Solution   Discussion   25

Correct Answer: A 🗳️
The LACP is Link Aggregation Control Protocol. LACP is an open protocol, published under the 802.3ad.
The modes of LACP are active, passive or on. The side configured as ג€passiveג€ will waiting the other side that should an Active for the Etherchannel to be established.
PAgP is Port-Aggregation Protocol. It is Cisco proprietary protocol. The mode are On, Desirable or Auto. Desirable ג€" Auto will establish an EtherChannel.
An example of how to configure an Etherchannel:

SwitchFormula1>enable -
SwitchFormula1#configure terminal
SwitchFormula1(config)# interface range f0/5 -14
SwitchFormula1(config-if-range)# channel-group 13 mode ?
active Enable LACP unconditionally
auto Enable PAgP only if a PAgP device is detected
desirable Enable PAgP unconditionally
on Enable Etherchannel only
passive Enable LACP only if a LACP device is detected

Community vote distribution
A (100%)

Question #209 Topic 1

Refer to the exhibit. Which VLAN ID is associated with the default VLAN in the given environment?

  • A. VLAN 1
  • B. VLAN 5
  • C. VLAN 10
  • D. VLAN 20
Reveal Solution Hide Solution   Discussion   34

Correct Answer: A 🗳️

Community vote distribution
A (100%)

Question #210 Topic 1

Which two VLAN IDs indicate a default VLAN? (Choose two.)

  • A. 0
  • B. 1
  • C. 1005
  • D. 1006
  • E. 4096
Reveal Solution Hide Solution   Discussion   9

Correct Answer: BC 🗳️
VLAN 1 is a system default VLAN, you can use this VLAN but you cannot delete it. By default VLAN 1 is use for every port on the switch.
Standard VLAN range from 1002-1005 it's Cisco default for FDDI and Token Ring. You cannot delete VLANs 1002-1005. Mostly we don't use VLAN in this range.

Community vote distribution
BC (100%)

Question #211 Topic 1

Which two pieces of information about a Cisco device can Cisco Discovery Protocol communicate? (Choose two.)

  • A. the native VLAN
  • B. the trunking protocol
  • C. the VTP domain
  • D. the spanning-tree priority
  • E. the spanning-tree protocol
Reveal Solution Hide Solution   Discussion   4

Correct Answer: AC 🗳️

Question #212 Topic 1

After you deploy a new WLAN controller on your network, which two additional tasks should you consider? (Choose two.)

  • A. deploy load balancers
  • B. configure additional vlans
  • C. configure multiple VRRP groups
  • D. deploy POE switches
  • E. configure additional security policies
Reveal Solution Hide Solution   Discussion   23

Correct Answer: AE 🗳️

Community vote distribution
BE (50%)
DE (25%)
AE (25%)

Question #213 Topic 1

Refer to the exhibit. How will switch SW2 handle traffic from VLAN 10 on SW1?

  • A. It sends the traffic to VLAN 10.
  • B. It sends the traffic to VLAN 100.
  • C. It drops the traffic.
  • D. It sends the traffic to VLAN 1.
Reveal Solution Hide Solution   Discussion   84

Correct Answer: B 🗳️
Since SW-1 is configured native VLAN is VLAN10, so traffic coming out of VLAN-10 is untagged, & goes directly to SW-2 Native VLAN: VLAN100, due to VLAN mismatch.

Community vote distribution
B (60%)
C (35%)
4%

Question #214 Topic 1

Which two commands can you use to configure an actively negotiate EtherChannel? (Choose two.)

  • A. channel-group 10 mode on
  • B. channel-group 10 mode auto
  • C. channel-group 10 mode passive
  • D. channel-group 10 mode desirable
  • E. channel-group 10 mode active
Reveal Solution Hide Solution   Discussion   14

Correct Answer: DE 🗳️

Community vote distribution
DE (100%)

Question #215 Topic 1

How does STP prevent forwarding loops at OSI Layer 2?

  • A. TTL
  • B. MAC address forwarding
  • C. Collision avoidance
  • D. Port blocking
Reveal Solution Hide Solution   Discussion   13

Correct Answer: D 🗳️

Community vote distribution
D (87%)
13%

Question #216 Topic 1

Which two statements about VTP are true? (Choose two.)

  • A. All switches must be configured with the same VTP domain name
  • B. All switches must be configured to perform trunk negotiation
  • C. All switches must be configured with a unique VTP domain name
  • D. The VTP server must have the highest revision number in the domain
  • E. All switches must use the same VTP version
Reveal Solution Hide Solution   Discussion   64

Correct Answer: AE 🗳️

Community vote distribution
AD (40%)
AE (37%)
DE (17%)
3%

Question #217 Topic 1

Which type does a port become when it receives the best BPDU on a bridge?

  • A. The designated port
  • B. The backup port
  • C. The alternate port
  • D. The root port
Reveal Solution Hide Solution   Discussion   9

Correct Answer: D 🗳️

Community vote distribution
D (100%)

Question #218 Topic 1

Which value can you modify to configure a specific interface as the preferred forwarding interface?

  • A. The interface number
  • B. The port priority
  • C. The VLAN priority
  • D. The hello time
Reveal Solution Hide Solution   Discussion   10

Correct Answer: B 🗳️

Community vote distribution
B (100%)

Question #219 Topic 1

Which statement about Cisco Discovery Protocol is true?

  • A. It is a Cisco-proprietary protocol.
  • B. It runs on the network layer.
  • C. It can discover information from routers, firewalls, and switches.
  • D. It runs on the physical layer and the data link layer.
Reveal Solution Hide Solution   Discussion   14

Correct Answer: A 🗳️

Community vote distribution
A (100%)

Question #220 Topic 1

What are two reasons a network administrator would use CDP? (Choose two.)

  • A. to verify the type of cable interconnecting two devices
  • B. to determine the status of network services on a remote device
  • C. to obtain VLAN information from directly connected switches
  • D. to verify Layer 2 connectivity between two devices when Layer 3 fails
  • E. to obtain the IP address of a connected device in order to telnet to the device
  • F. to determine the status of the routing protocols between directly connected routers
Reveal Solution Hide Solution   Discussion   7

Correct Answer: DE 🗳️

Community vote distribution
DE (100%)

Question #221 Topic 1

What are two benefits of using VTP in a switching environment? (Choose two.)

  • A. It allows switches to read frame tags.
  • B. It allows ports to be assigned to VLANs automatically.
  • C. It maintains VLAN consistency across a switched network.
  • D. It allows frames from multiple VLANs to use a single interface.
  • E. It allows VLAN information to be automatically propagated throughout the switching environment.
Reveal Solution Hide Solution   Discussion   6

Correct Answer: CE 🗳️

Question #222 Topic 1

Which three statements are typical characteristics of VLAN arrangements? (Choose three.)

  • A. A new switch has no VLANs configured.
  • B. Connectivity between VLANs requires a Layer 3 device.
  • C. VLANs typically decrease the number of collision domains.
  • D. Each VLAN uses a separate address space.
  • E. A switch maintains a separate bridging table for each VLAN.
  • F. VLANs cannot span multiple switches.
Reveal Solution Hide Solution   Discussion   18

Correct Answer: BDE 🗳️

Community vote distribution
BDE (100%)

Question #223 Topic 1

On a corporate network, hosts on the same VLAN can communicate with each other, but they are unable to communicate with hosts on different VLANs. What is needed to allow communication between the VLANs?

  • A. a router with subinterfaces configured on the physical interface that is connected to the switch
  • B. a router with an IP address on the physical interface connected to the switch
  • C. a switch with an access link that is configured between the switches
  • D. a switch with a trunk link that is configured between the switches
Reveal Solution Hide Solution   Discussion   9

Correct Answer: A 🗳️
Different VLANs can't communicate with each other, they can communicate with the help of Layer3 router. Hence, it is needed to connect a router to a switch, then make the sub-interface on the router to connect to the switch, establishing Trunking links to achieve communications of devices which belong to different VLANs.

Community vote distribution
A (100%)

Question #224 Topic 1

Which statement about LLDP is true?

  • A. It is a Cisco proprietary protocol.
  • B. It is configured in global configuration mode.
  • C. The LLDP update frequency is a fixed value.
  • D. It runs over the transport layer.
Reveal Solution Hide Solution   Discussion   9

Correct Answer: B 🗳️

Community vote distribution
B (100%)

Question #225 Topic 1

What is a function of Wireless LAN Controller?

  • A. register with a single access point that controls traffic between wired and wireless endpoints
  • B. use SSIDs to distinguish between wireless clients
  • C. send LWAPP packets to access points
  • D. monitor activity on wireless and wired LANs
Reveal Solution Hide Solution   Discussion   40

Correct Answer: C 🗳️
Lightweight APs (LAPs) is devices require no initial configuration. LAPs use the Lightweight Access Point Protocol (LWAPP) to communicate with a WLAN controller (WLC), as shown in the below figure. Controller-based APs are useful in situations where many APs are required in the network. As more APs are added, each AP is automatically configured and managed by the WLC.

Community vote distribution
C (100%)

Question #226 Topic 1

Which technology is used to improve web traffic performance by proxy caching?

  • A. WSA
  • B. Firepower
  • C. ASA
  • D. FireSIGHT
Reveal Solution Hide Solution   Discussion   9

Correct Answer: A 🗳️

Community vote distribution
A (100%)

Question #227 Topic 1

What criteria is used first during the root port selection process?

  • A. local port ID
  • B. lowest path cost to the toot bridge
  • C. lowest neighbor's bridge ID
  • D. lowest neighbor's port ID
Reveal Solution Hide Solution   Discussion   19

Correct Answer: B 🗳️

Community vote distribution
B (100%)

Question #228 Topic 1

Which statement about VLAN configuration is true?

  • A. The switch must be in VTP server or transparent mode before you can configure a VLAN
  • B. The switch must be in config-vlan mode before you configure an extended VLAN
  • C. Dynamic inter-VLAN routing is supported on VLAN2 through VLAN 4064
  • D. A switch in VTP transparent mode save the VLAN databases to the running configuration only
Reveal Solution Hide Solution   Discussion   25

Correct Answer: A 🗳️

Community vote distribution
A (75%)
B (25%)

Question #229 Topic 1

Refer to the exhibit. What two conclusions should be made about this configuration? (Choose two.)

  • A. The root port is FastEthernet 2/1
  • B. The designated port is FastEthernet 2/1
  • C. The spanning-tree mode is PVST+
  • D. This is a root bridge
  • E. The spanning-tree mode is Rapid PVST+
Reveal Solution Hide Solution   Discussion   17

Correct Answer: AE 🗳️

Question #230 Topic 1

A network engineer must create a diagram of a multivendor network. Which command must be configured on the Cisco devices so that the topology of the network is allowed to be mapped?

  • A. Device(config)#lldp run
  • B. Device(config)#cdp run
  • C. Device(config-if)#cdp enable
  • D. Device(config)#flow-sampler-map topology
Reveal Solution Hide Solution   Discussion   8

Correct Answer: A 🗳️

Community vote distribution
A (100%)

Question #231 Topic 1

How do AAA operations compare regarding user identification, user services, and access control?

  • A. Authorization provides access control, and authentication tracks user services
  • B. Authentication identifies users, and accounting tracks user services
  • C. Accounting tracks user services, and authentication provides access control
  • D. Authorization identifies users, and authentication provides access control
Reveal Solution Hide Solution   Discussion   7

Correct Answer: B 🗳️

Community vote distribution
B (100%)

Question #232 Topic 1

What is the difference between RADIUS and TACACS+?

  • A. RADIUS logs all commands that are entered by the administrator, but TACACS+ logs only start, stop, and interim commands.
  • B. TACACS+ separates authentication and authorization, and RADIUS merges them.
  • C. TACACS+ encrypts only password information, and RADIUS encrypts the entire payload.
  • D. RADIUS is most appropriate for dial authentication, but TACACS+ can be used for multiple types of authentication.
Reveal Solution Hide Solution   Discussion   15

Correct Answer: B 🗳️

Community vote distribution
B (91%)
9%

Question #233 Topic 1

What is a difference between local AP mode and FlexConnect AP mode?

  • A. Local AP mode creates two CAPWAP tunnels per AP to the WLC
  • B. Local AP mode causes the AP to behave as if it were an autonomous AP
  • C. FlexConnect AP mode fails to function if the AP loses connectivity with the WLC
  • D. FlexConnect AP mode bridges the traffic from the AP to the WLC when local switching is configured
Reveal Solution Hide Solution   Discussion   38

Correct Answer: A 🗳️

Community vote distribution
A (100%)

Question #234 Topic 1

The SW1 interface g0/1 is in the down/down state. What are two reasons for the interface condition? (Choose two.)

  • A. There is a protocol mismatch
  • B. There is a duplex mismatch
  • C. The interface is shut down
  • D. The interface is error-disabled
  • E. There is a speed mismatch
Reveal Solution Hide Solution   Discussion   18

Correct Answer: DE 🗳️
The interface is shut down - ADMIN DOWN / DOWN
The interface is error-disabled - DOWN / DOWN
There is a speed mismatch - DOWN / DOWN

Community vote distribution
DE (96%)
4%

Question #235 Topic 1

How will Link Aggregation be implemented on a Cisco Wireless LAN Controller?

  • A. The EtherChannel must be configured in ג€mode activeג€.
  • B. When enabled, the WLC bandwidth drops to 500 Mbps.
  • C. To pass client traffic, two or more ports must be configured.
  • D. One functional physical port is needed to pass client traffic.
Reveal Solution Hide Solution   Discussion   4

Correct Answer: D 🗳️
Reference:
https://www.cisco.com/c/en/us/td/docs/wireless/controller/8-2/config-guide/b_cg82/b_cg82_chapter_010101011.html

Question #236 Topic 1

Which two conditions must be met before SSH operates normally on a Cisco IOS switch? (Choose two.)

  • A. IP routing must be enabled on the switch.
  • B. A console password must be configured on the switch.
  • C. Telnet must be disabled on the switch.
  • D. The switch must be running a k9 (crypto) IOS image.
  • E. The ip domain-name command must be configured on the switch.
Reveal Solution Hide Solution   Discussion   4

Correct Answer: DE 🗳️
Reference:
https://www.cisco.com/c/en/us/support/docs/security-vpn/secure-shell-ssh/4145-ssh.html

Question #237 Topic 1


Refer to the exhibit. Which password must an engineer use to enter the enable mode?

  • A. adminadmin123
  • B. cisco123
  • C. default
  • D. testing1234
Reveal Solution Hide Solution   Discussion   30

Correct Answer: D 🗳️
If neither the enable password command nor the enable secret command is configured, and if there is a line password configured for the console, the console line password serves as the enable password for all VTY sessions -> The ג€enable secretג€ will be used first if available, then ג€enable passwordג€ and line password.

Community vote distribution
D (83%)
A (17%)

Question #238 Topic 1

Which state does the switch port move to when PortFast is enabled?

  • A. blocking
  • B. listening
  • C. learning
  • D. forwarding
Reveal Solution Hide Solution   Discussion   3

Correct Answer: D 🗳️

Question #239 Topic 1

Which protocol prompts the Wireless LAN Controller to generate its own local web administration SSL certificate for GUI access?

  • A. RADIUS
  • B. HTTPS
  • C. TACACS+
  • D. HTTP
Reveal Solution Hide Solution   Discussion   3

Correct Answer: B 🗳️
You can protect communication with the GUI by enabling HTTPS. HTTPS protects HTTP browser sessions by using the Secure Sockets Layer (SSL) protocol.
When you enable HTTPS, the controller generates its own local web administration SSL certificate and automatically applies it to the GUI. You also have the option of downloading an externally generated certificate.
Reference:
https://www.cisco.com/c/en/us/td/docs/wireless/controller/8-0/configuration-guide/b_cg80/b_cg80_chapter_011.html

Question #240 Topic 1

An engineer must configure interswitch VLAN communication between a Cisco switch and a third-party switch. Which action should be taken?

  • A. configure DSCP
  • B. configure IEEE 802.1q
  • C. configure ISL
  • D. configure IEEE 802.1p
Reveal Solution Hide Solution   Discussion   4

Correct Answer: B 🗳️
VLAN trunking offers two options, ISL and 802.1Q. ISL is Cisco proprietary while 802.1Q is standards based and supported by multiple vendors.

Question #241 Topic 1

An engineer requires a switch interface to actively attempt to establish a trunk link with a neighbor switch. What command must be configured?

  • A. switchport mode trunk
  • B. switchport mode dynamic desirable
  • C. switchport nonegotiate
  • D. switchport mode dynamic auto
Reveal Solution Hide Solution   Discussion   18

Correct Answer: B 🗳️
Reference:
https://www.ciscopress.com/articles/article.asp?p=2181837&seqNum=8#:~:text=switchport%20mode%20dynamic%20auto%3A%20Makes,to%20trunk%20or%
.
20desirable%20mode.&text=switchport%20mode%20dynamic%20desirable%3A%20Makes,link%20to%20a%20trunk%20link

Community vote distribution
B (100%)

Question #242 Topic 1

Refer to the exhibit. After the election process, what is the root bridge in the HQ LAN?

Switch 1: 0C:E0:38:81:32:58 -

Switch 2: 0C:0E:15:22:1A:61 -

Switch 3: 0C:0E:15:1D:3C:9A -

Switch 4: 0C:E0:19:A1:4D:16 -

  • A. Switch 1
  • B. Switch 2
  • C. Switch 3
  • D. Switch 4
Reveal Solution Hide Solution   Discussion   5

Correct Answer: C 🗳️

Community vote distribution
C (100%)

Question #243 Topic 1

An engineer must establish a trunk link between two switches. The neighboring switch is set to trunk or desirable mode. What action should be taken?

  • A. configure switchport nonegotiate
  • B. configure switchport mode dynamic desirable
  • C. configure switchport mode dynamic auto
  • D. configure switchport trunk dynamic desirable
Reveal Solution Hide Solution   Discussion   60

Correct Answer: C 🗳️

Community vote distribution
B (52%)
C (48%)

Question #244 Topic 1

Which spanning-tree enhancement avoids the learning and listening states and immediately places ports in the forwarding state?

  • A. BPDUfilter
  • B. PortFast
  • C. Backbonefast
  • D. BPDUguard
Reveal Solution Hide Solution   Discussion   8

Correct Answer: B 🗳️

Community vote distribution
B (100%)

Question #245 Topic 1

How does the dynamically-learned MAC address feature function?

  • A. The CAM table is empty until ingress traffic arrives at each port
  • B. Switches dynamically learn MAC addresses of each connecting CAM table.
  • C. The ports are restricted and learn up to a maximum of 10 dynamically-learned addresses
  • D. It requires a minimum number of secure MAC addresses to be filled dynamically
Reveal Solution Hide Solution   Discussion   11

Correct Answer: A 🗳️

Community vote distribution
A (100%)

Question #246 Topic 1

When using Rapid PVST+, which command guarantees the switch is always the root bridge for VLAN 200?

  • A. spanning-tree vlan 200 priority 614440
  • B. spanning-tree vlan 200 priority 0
  • C. spanning-tree vlan 200 root primary
  • D. spanning-tree vlan 200 priority 38813258
Reveal Solution Hide Solution   Discussion   26

Correct Answer: B 🗳️

Community vote distribution
B (100%)

Question #247 Topic 1


Refer to the exhibit. Which command must be executed for Gi1/1 on SW1 to passively become a trunk port if Gi1/1 on SW2 is configured in desirable or trunk mode?

  • A. switchport mode dynamic auto
  • B. switchport mode dot1-tunnel
  • C. switchport mode dynamic desirable
  • D. switchport mode trunk
Reveal Solution Hide Solution   Discussion   9

Correct Answer: A 🗳️

Community vote distribution
A (100%)

Question #248 Topic 1


Refer to the exhibit. The entire contents or the MAC address table are shown. Sales-4 sends a data frame to Sales-1.

What does the switch do as it receives the frame from Sales-4?

  • A. Map the Layer 2 MAC address to the Layer 3 IP address and forward the frame.
  • B. Insert the source MAC address and port into the forwarding table and forward the frame to Sales-1.
  • C. Perform a lookup in the MAC address table and discard the frame due to a missing entry.
  • D. Flood the frame out of all ports except on the port where Sales-1 is connected.
Reveal Solution Hide Solution   Discussion   21

Correct Answer: B 🗳️

Community vote distribution
B (100%)

Question #249 Topic 1


Refer to the exhibit. An engineer must configure GigabitEthernet1/1 to accommodate voice and data traffic. Which configuration accomplishes this task?

  • A. interface gigabitethernet1/1 switchport mode access switchport access vlan 300 switchport voice vlan 400
  • B. interface gigabitethernet1/1 switchport mode trunk switchport trunk vlan 300 switchport trunk vlan 400
  • C. interface gigabitethernet1/1 switchport mode access switchport voice vlan 300 switchport access vlan 400
  • D. interface gigabitethernet1/1 switchport mode trunk switchport trunk vlan 300 switchport voice vlan 400
Reveal Solution Hide Solution   Discussion   15

Correct Answer: A 🗳️

Community vote distribution
A (88%)
13%

Question #250 Topic 1

An engineer needs to add an old switch back into a network. To prevent the switch from corrupting the VLAN database, with action must be taken?

  • A. Add the switch in the VTP domain with a lower revision number.
  • B. Add the switch in the VTP domain with a higher revision number.
  • C. Add the switch with DTP set to dynamic desirable.
  • D. Add the switch with DTP set to desirable.
Reveal Solution Hide Solution   Discussion   17

Correct Answer: A 🗳️

Community vote distribution
A (100%)

Question #251 Topic 1

Which technology prevents client devices from arbitrarily connecting to the network without state remediation?

  • A. 802.11n
  • B. 802.1x
  • C. MAC Authentication Bypass
  • D. IP Source Guard
Reveal Solution Hide Solution   Discussion   8

Correct Answer: B 🗳️

Community vote distribution
B (100%)

Question #252 Topic 1

Which protocol does an access point use to draw power from a connected switch?

  • A. Internet Group Management Protocol
  • B. Cisco Discovery Protocol
  • C. Adaptive Wireless Path Protocol
  • D. Neighbor Discovery Protocol
Reveal Solution Hide Solution   Discussion   6

Correct Answer: B 🗳️

Community vote distribution
B (100%)

Question #253 Topic 1

An administrator must secure the WLC from receiving spoofed association requests. Which steps must be taken to configure the WLC to restrict the requests and force the user to wait 10 ms to retry an association request?

  • A. Enable MAC filtering and set the SA Query timeout to 10.
  • B. Enable 802.1x Layer 2 security and set the Comeback timer to 10.
  • C. Enable Security Association Teardown Protection and set the SA Query timeout to 10.
  • D. Enable the Protected Management Frame service and set the Comeback timer to 10.
Reveal Solution Hide Solution   Discussion   30

Correct Answer: C 🗳️

Community vote distribution
D (82%)
C (18%)

Question #254 Topic 1


Refer to the exhibit. Only four switches are participating in the VLAN spanning-tree process.

Branch-1: priority 614440 -

Branch-2: priority 39391170 -

Branch-3: priority 0 -

Branch-4: root primary -
Which switch becomes the permanent root bridge for VLAN 5?

  • A. Branch-1
  • B. Branch-2
  • C. Branch-3
  • D. Branch-4
Reveal Solution Hide Solution   Discussion   17

Correct Answer: C 🗳️

Community vote distribution
C (100%)

Question #255 Topic 1

An engineer must configure traffic for a VLAN that is untagged by the switch as it crosses a trunk link. Which command should be used?

  • A. switchport trunk encapsulation dot1q
  • B. switchport trunk allowed vlan 10
  • C. switchport mode trunk
  • D. switchport trunk native vlan 10
Reveal Solution Hide Solution   Discussion   9

Correct Answer: D 🗳️

Community vote distribution
D (100%)

Question #256 Topic 1

What are two benefits of using the PortFast feature? (Choose two.)

  • A. Enabled interfaces are automatically placed in listening state.
  • B. Enabled interfaces wait 50 seconds before they move to the forwarding state.
  • C. Enabled interfaces never generate topology change notifications.
  • D. Enabled interfaces come up and move to the forwarding state immediately.
  • E. Enabled interfaces that move to the learning state generate switch topology change notifications.
Reveal Solution Hide Solution   Discussion   19

Correct Answer: AD 🗳️

Community vote distribution
CD (97%)
3%

Question #257 Topic 1

What is the benefit of configuring PortFast on an interface?

  • A. The frames entering the interface are marked with the higher priority and then processed faster by a switch.
  • B. After the cable is connected, the interface is available faster to send and receive user data.
  • C. Real-time voice and video frames entering the interface are processed faster.
  • D. After the cable is connected, the interface uses the fastest speed setting available for that cable type.
Reveal Solution Hide Solution   Discussion   6

Correct Answer: B 🗳️

Community vote distribution
B (100%)

Question #258 Topic 1

DRAG DROP -
Drag and drop the functions of AAA supporting protocols from the left onto the protocols on the right.
Select and Place:

Reveal Solution Hide Solution   Discussion   3

Correct Answer:

Question #259 Topic 1

Why does a switch flood a frame to all ports?

  • A. The frame has zero destination MAC addresses.
  • B. The destination MAC address of the frame is unknown.
  • C. The source MAC address of the frame is unknown
  • D. The source and destination MAC addresses of the frame are the same.
Reveal Solution Hide Solution   Discussion   78

Correct Answer: B 🗳️

Community vote distribution
B (94%)
4%

Question #260 Topic 1

An engineer configures interface Gi1/0 on the company PE router to connect to an ISP. Neighbor discovery is disabled.

Which action is necessary to complete the configuration if the ISP uses third-party network devices?

  • A. Disable autonegotiation.
  • B. Enable LLDP globally.
  • C. Enable LLDP-MED on the ISP device.
  • D. Disable Cisco Discovery Protocol on the interface.
Reveal Solution Hide Solution   Discussion   11

Correct Answer: B 🗳️

Community vote distribution
B (100%)

Question #261 Topic 1

DRAG DROP -
Drag and drop the Rapid PVST+ forwarding state actions from the left to the right. Not all actions are used.
Select and Place:

Reveal Solution Hide Solution   Discussion   9

Correct Answer:

Question #262 Topic 1

Which access point mode relies on a centralized controller for management, roaming, and SSID configuration?

  • A. lightweight mode
  • B. autonomous mode
  • C. bridge mode
  • D. repeater mode
Reveal Solution Hide Solution   Discussion   7

Correct Answer: A 🗳️

Question #263 Topic 1


Refer to the exhibit. A network engineer must configure communication between PC A and the File Server. To prevent interruption for any other communications, which command must be configured?

  • A. switchport truck allowed vlan 12
  • B. switchport truck allowed vlan none
  • C. switchport truck allowed vlan add 13
  • D. switchport truck allowed vlan remove 10-11
Reveal Solution Hide Solution   Discussion   15

Correct Answer: C 🗳️

Community vote distribution
C (100%)

Question #264 Topic 1


Refer to the exhibit. What is the result if Gig1/11 receives an STP BPDU?

  • A. The port transitions to STP blocking.
  • B. The port immediately transitions to STP forwarding.
  • C. The port goes into error-disable state.
  • D. The port transitions to the root port.
Reveal Solution Hide Solution   Discussion   6

Correct Answer: C 🗳️

Community vote distribution
C (100%)

Question #265 Topic 1

Which access layer threat-mitigation technique provides security based on identity?

  • A. Dynamic ARP Inspection
  • B. DHCP snooping
  • C. 802.1x
  • D. using a non-default native VLAN
Reveal Solution Hide Solution   Discussion   3

Correct Answer: C 🗳️

Community vote distribution
C (100%)

Question #266 Topic 1


Refer to the exhibit. Which action do the switches take on the trunk link?

  • A. The trunk does not form, and the ports go into an err-disabled status.
  • B. The trunk forms, but the mismatched native VLANs are merged into a single broadcast domain.
  • C. The trunk forms, but VLAN 99 and VLAN 999 are in a shutdown state.
  • D. The trunk does not form, but VLAN 99 and VLAN 999 are allowed to traverse the link.
Reveal Solution Hide Solution   Discussion   9

Correct Answer: B 🗳️
The trunk still forms with mismatched native VLANs and the traffic can actually flow between mismatched switches. But it is absolutely necessary that the native
VLANs on both ends of a trunk link match; otherwise a native VLAN mismatch occurs, causing the two VLANs to effectively merge. For example, with the above configuration, SW1 would send untagged frames for VLAN 999. SW2 receives them but would think they are for VLAN 99 so we can say these two VLANs are merged.

Community vote distribution
B (100%)

Question #267 Topic 1

A network engineer must configure two new subnets using the address block 10.70.128.0/19 to meet these requirements:
✑ The first subnet must support 24 hosts.
✑ The second subnet must support 472 hosts.
✑ Both subnets must use the longest subnet mask possible from the address block.
Which two configurations must be used to configure the new subnets and meet a requirement to use the first available address in each subnet for the router interfaces? (Choose two.)

  • A. interface vlan 1148 ip address 10.70.148.1 255.255.254.0
  • B. interface vlan 3002 ip address 10.70.147.17 255.255.255.224
  • C. interface vlan 4722 ip address 10.70.133.17 255.255.255.192
  • D. interface vlan 1234 ip address 10.70.159.1 255.255.254.0
  • E. interface vlan 155 ip address 10.70.155.65 255.255.255.224
Reveal Solution Hide Solution   Discussion   43

Correct Answer: DE 🗳️

Community vote distribution
AE (95%)
2%

Question #268 Topic 1


Refer to the exhibit. An administrator must configure interfaces Gi1/1 and Gi1/3 on switch SW11. PC-1 and PC-2 must be placed in the Data VLAN, and Phone-1 must be placed in the Voice VLAN. Which configuration meets these requirements?

  • A. interface gigabitethernet1/1 switchport mode access switchport access vlan 8 ! interface gigabitethernet1/3 switchport mode access switchport access vlan 8 switchport voice vlan 9
  • B. interface gigabitethernet1/1 switchport mode access switchport access vlan 8 ! interface gigabitethernet1/3 switchport mode trunk switchport trunk vlan 8 switchport voice vlan 9
  • C. interface gigabitethernet1/1 switchport mode access switchport access vlan 9 ! interface gigabitethernet1/3 switchport mode trunk switchport trunk vlan 8 switchport trunk vlan 9
  • D. interface gigabitethernet1/1 switchport mode access switchport access vlan 8 ! interface gigabitethernet1/3 switchport mode access switchport voice vlan 8 switchport access vlan 9
Reveal Solution Hide Solution   Discussion   4

Correct Answer: A 🗳️

Community vote distribution
A (100%)

Question #269 Topic 1


Refer to the exhibit. Users need to connect to the wireless network with IEEE 802.11r-compatible devices. The connection must be maintained as users travel between floors or to other areas in the building. What must be the configuration of the connection?

  • A. Disable AES encryption.
  • B. Enable Fast Transition and select the FT 802.1x option.
  • C. Enable Fast Transition and select the FT PSK option.
  • D. Select the WPA Policy option with the CCKM option.
Reveal Solution Hide Solution   Discussion   13

Correct Answer: C 🗳️
Reference:
https://www.cisco.com/c/dam/en/us/td/docs/wireless/controller/technotes/80211r-ft/b-80211r-dg.html

Community vote distribution
C (80%)
B (20%)

Question #270 Topic 1


Refer to the exhibit. An engineer is asked to insert the new VLAN into the existing trunk without modifying anything previously configured. Which command accomplishes this task?

  • A. switchport trunk allowed vlan 100-104
  • B. switchport trunk allowed vlan 104
  • C. switchport trunk allowed vlan all
  • D. switchport trunk allowed vlan add 104
Reveal Solution Hide Solution   Discussion   4

Correct Answer: D 🗳️

Community vote distribution
D (100%)

Question #271 Topic 1

Aside from discarding, which two states does the switch port transition through while using RSTP (802.1w)? (Choose two.)

  • A. blocking
  • B. speaking
  • C. listening
  • D. learning
  • E. forwarding
Reveal Solution Hide Solution   Discussion   6

Correct Answer: DE 🗳️
Reference:
https://www.cisco.com/c/en/us/support/docs/lan-switching/spanning-tree-protocol/24062-146.html

Community vote distribution
DE (100%)

Question #272 Topic 1

DRAG DROP -
Drag and drop the facts about wireless architectures from the left onto the types of access point on the right. Not all options are used.
Select and Place:

Reveal Solution Hide Solution   Discussion   9

Correct Answer:

Question #273 Topic 1

Which interface mode must be configured to connect the lightweight APs in a centralized architecture?

  • A. WLAN dynamic
  • B. trunk
  • C. access
  • D. management
Reveal Solution Hide Solution   Discussion   6

Correct Answer: C 🗳️
While the Cisco WLCs always connect to 802.1Q trunks, Cisco lightweight APs do not understand VLAN tagging and should only be connected to the access ports of the neighbor switch.
This is an example switch port configuration from the Catalyst 3750: interface GigabitEthernet1/0/22 description Access Port Connection to Cisco Lightweight AP switchport access vlan 5 switchport mode access no shutdown
Reference:
https://www.cisco.com/c/en/us/support/docs/wireless/4400-series-wireless-lan-controllers/69719-wlc-lwap-config.html

Community vote distribution
C (100%)

Question #274 Topic 1


Refer to the exhibit. The following must be considered:
✑ SW1 is fully configured for all traffic.
✑ The SW4 and SW9 links to SW1 have been configured.
✑ The SW4 interface Gi0/1 and Gi0/0 on SW9 have been configured.
✑ The remaining switches have had all VLANs added to their VLAN database.
Which configuration establishes a successful ping from PC2 to PC7 without interruption to traffic flow between other PCs?

  • A. SW4 interface Gi0/7 switchport mode trunk switchport trunk allowed vlan 108 ! interface Gi/0/2 switchport mode access switchport access vlan 14 SW11# interface Gi0/2 switchport mode trunk switchport trunk allowed vlan 14,108 ! interface Gi0/1 switchport mode trunk switchport trunk allowed vlan 14,108 SW9# interface Gi0/2 switchport mode access switchport access vlan 14
  • B. SW4 interface Gi0/2 switchport mode trunk switchport trunk allowed vlan 14,108 SW11# interface Gi0/2 switchport mode trunk switchport trunk allowed vlan 14,108 !! interface Gi0/1 switchport mode trunk switchport trunk allowed vlan 14,108 SW9# interface Gi0/2 switchport mode trunk switchport trunk allowed vlan 14
  • C. SW4 interface Gi0/2 switchport mode trunk switchport trunk allowed vlan 14 SW11# interface Gi0/1 switchport mode trunk switchport trunk allowed vlan 14 SW9# interface Gi0/2 switchport mode trunk switchport trunk allowed vlan 108
  • D. SW4 interface Gi/0/2 switchport mode access switchport access vlan 14 SW11# interface Gi0/2 switchport mode trunk switchport trunk allowed vlan 14 ! interface Gi0/0 switchport mode access switchport access vlan 14 ! interface Gi0/1 switchport mode trunk SW9# interface Gi0/2 switchport mode access switchport access vlan 14
Reveal Solution Hide Solution   Discussion   27

Correct Answer: C 🗳️

Community vote distribution
B (100%)

Question #275 Topic 1


Refer to the exhibit. The network administrator must prevent the switch Cat9K-2 IP address from being visible in LLDP without disabling the protocol. Which action must be taken to complete the task?

  • A. Configure the no lldp mac-phy-cfg command globally on Cat9K-2.
  • B. Configure the no lldp receive command on interface G1/0/21 on Cat9K-1.
  • C. Configure the no lldp transmit command on interface G1/0/21 on Cat9K-1.
  • D. Configure the no lldp tlv-select management-address command globally on Cat9K-2.
Reveal Solution Hide Solution   Discussion   11

Correct Answer: C 🗳️

Community vote distribution
D (100%)

Question #276 Topic 1


Refer to the exhibit. An engineer has started to configure replacement switch SW1. To verify part of the configuration, the engineer issued the commands as shown and noticed that the entry for PC2 is missing. Which change must be applied to SW1 so that PC1 and PC2 communicate normally?

  • A. SW1(config)#interface fa0/2 SW1(config-if)#no switchport access vlan 2 SW1(config-if)#no switchport trunk allowed vlan 3 SW1(config-if)#switchport trunk allowed vlan 2
  • B. SW1(config)#interface fa0/2 SW1(config-if)#no switchport access vlan 2 SW1(config-if)#switchport trunk native vlan 2 SW1(config-if)#switchport trunk allowed vlan 3
  • C. SW1(config)#interface fa0/2 SW1(config-if)#no switchport mode trunk SW1(config-if)#no switchport trunk allowed vlan 3 SW1(config-if)#switchport mode access
  • D. SW1(config)#interface fa0/1 SW1(config-if)#no switchport access vlan 2 SW1(config-if)#switchport access vlan 3 SW1(config-if)#switchport trunk allowed vlan 2
Reveal Solution Hide Solution   Discussion   3

Correct Answer: C 🗳️

Community vote distribution
C (100%)

Question #277 Topic 1

Refer to the exhibit. Which switch becomes the root of the spanning tree?


Switch 1 -

BID: 32778 0018.184e.3c00 -

Switch 2 -

BID: 24586 001a.e3ff.a680 -

Switch 3 -

BID: 28682 0022.55cf.cc00 -

Switch 4 -

BID: 64000 4e15.8403.08f -

  • A. Switch 1
  • B. Switch 2
  • C. Switch 3
  • D. Switch 4
Reveal Solution Hide Solution   Discussion   5

Correct Answer: B 🗳️

Question #278 Topic 1

DRAG DROP -
Drag and drop the facts about wireless architectures from the left onto the types of access point on the right. Not all options are used.
Select and Place:

Reveal Solution Hide Solution   Discussion   8

Correct Answer:

Question #279 Topic 1


Refer to the exhibit. An engineer is configuring a Layer 3 port-channel interface with LACP. The configuration on the first device is complete, and it is verified that both interfaces have registered the neighbor device in the CDP table. Which task on the neighbor device enables the new port channel to come up without negotiating the channel?

  • A. Configure the IP address of the neighboring device.
  • B. Bring up the neighboring interfaces using the no shutdown command.
  • C. Change the EtherChannel mode on the neighboring interfaces to auto.
  • D. Modify the static EtherChannel configuration of the device to passive mode.
Reveal Solution Hide Solution   Discussion   9

Correct Answer: D 🗳️

Community vote distribution
B (100%)

Question #280 Topic 1


Refer to the exhibit. Which configuration establishes a Layer 2 LACP EtherChannel when applied to both switches?

  • A. Interface range G1/1 ג€" 1/3 switchport mode trunk channel-group 1 mode active no shutdown
  • B. Interface range G1/1 ג€" 1/3 switchport mode access channel-group 1 mode passive no shutdown
  • C. Interface range G1/1 ג€" 1/3 switchport mode trunk channel-group 1 mode desirable no shutdown
  • D. Interface range G1/1 ג€" 1/3 switchport mode access channel-group 1 mode on no shutdown
Reveal Solution Hide Solution   Discussion   9

Correct Answer: A 🗳️

Community vote distribution
A (57%)
D (43%)

Question #281 Topic 1

Which switching concept is used to create separate broadcast domains?

  • A. STP
  • B. VTP
  • C. VLAN
  • D. CSMA/CD
Reveal Solution Hide Solution   Discussion   2

Correct Answer: C 🗳️

Community vote distribution
C (100%)

Question #282 Topic 1


Refer to the exhibit. Which action must be taken so that neighboring devices rapidly discover switch Cat9300?

  • A. Enable portfast on the ports that connect to neighboring devices.
  • B. Configure the cdp timer 10 command on switch Cat9300.
  • C. Configure the cdp holdtime 10 command on switch Cat9300
  • D. Configure the cdp timer 10 command on the neighbors of switch Cat9300
Reveal Solution Hide Solution   Discussion   5

Correct Answer: B 🗳️

Question #283 Topic 1

What is a requirement when configuring or removing LAG on a WLC?

  • A. The incoming and outgoing ports for traffic flow must be specified if LAG is enabled.
  • B. The management interface must be reassigned if LAG is disabled
  • C. The controller must be rebooted after enabling or reconfiguring LAG
  • D. Multiple untagged interfaces on the same port must be supported
Reveal Solution Hide Solution   Discussion   21

Correct Answer: B 🗳️

Community vote distribution
C (88%)
12%

Question #284 Topic 1

DRAG DROP -
Drag and drop the threat-mitigation techniques from the left onto the types of threat or attack they mitigate on the right.
Select and Place:

Reveal Solution Hide Solution   Discussion   3

Correct Answer:

Question #285 Topic 1

Which type of port is used to connect the wired network when an autonomous AP maps two VLANs to its WLANs?

  • A. access
  • B. LAG
  • C. trunk
  • D. EtherChannel
Reveal Solution Hide Solution   Discussion   2

Correct Answer: C 🗳️

Community vote distribution
C (100%)

Question #286 Topic 1

A network administrator needs to aggregate 4 ports into a single logical link which must negotiate layer 2 connectivity to ports on another switch. What must be configured when using active mode on both sides of the connection?

  • A. LLDP
  • B. LACP
  • C. Cisco vPC
  • D. 802 1q trunks
Reveal Solution Hide Solution   Discussion   3

Correct Answer: B 🗳️

Question #287 Topic 1


Refer to the exhibit. An engineer built a new L2 LACP EtherChannel between SW1 and SW2 and executed these show commands to verify the work establish an
LACP port channel?

  • A. Change the channel-group mode on SW1 to desirable
  • B. Change the channel-group mode on SW1 to active or passive
  • C. Change the channel-group mode on SW2 to auto
  • D. Configure the interface port-channel 1 command on both swtiches
Reveal Solution Hide Solution   Discussion   7

Correct Answer: B 🗳️

Question #288 Topic 1


Refer to the exhibit. For security reasons, automatic neighbor discovery must be disabled on the R5 Gi0/1 interface. These tasks must be completed:
✑ Disable all neighbor discovery methods on R5 interface Gi0/1
✑ Permit neighbor discovery on R5 interface Gi0/2.
✑ Verify there are no dynamically learned neighbors on R5 interface Gi0/1.
✑ Display the IP address of R6's interface Gi0/2
Which configuration must be used?

  • A. R5(config)#int Gi0/1 R5(config-if)#no cdp enable R5(config-if)#exit R5(config)#lldp run R5(config)#no cdp run R5#sh cdp neighbor detail R5#sh lldp neighbor
  • B. R5(config)#int Gi0/1 R5(config-if)#no cdp enable R5(config-if)#exit R5(config)#no lldp run R5(config)#cdp run R5#sh cdp neighbor R5#sh lldp neighbor
  • C. R5(config)#int Gi0/1 R5(config-if)#no cdp run R5(config-if)#exit R5(config)#lldp run R5(config)#cdp enable R5#sh cdp neighbor R5#sh lldp neighbor
  • D. R5(config)#int Gi0/1 R5(config-if)#no cdp enable R5(config-if)#exit R5(config)#no lldp run R5(config)#cdp run R5#sh cdp neighbor detail R5#sh lldp neighbor
Reveal Solution Hide Solution   Discussion   11

Correct Answer: D 🗳️

Community vote distribution
D (100%)

Question #289 Topic 1

Which two spanning-tree states are bypassed on an interface running PortFast? (Choose two.)

  • A. disabled
  • B. listening
  • C. learning
  • D. blocking
  • E. forwarding
Reveal Solution Hide Solution   Discussion   2

Correct Answer: BC 🗳️

Question #290 Topic 1

DRAG DROP -
Drag and drop the management connection types from the left onto the definitions on the right.
Select and Place:

Reveal Solution Hide Solution   Discussion   2

Correct Answer:

Question #291 Topic 1

An engineer is configuring data and voice services to pass through the same port. The designated switch interface fastethernet0/1 must transmit packets using the same priority for data when they are received from the access port of the IP phone. Which configuration must be used?

  • A. interface fastethernet0/1 switchport voice vlan dot1p
  • B. interface fastethernet0/1 switchport priority extend cos 7
  • C. interface fastethernet0/1 switchport voice vlan untagged
  • D. interface fastethernet0/1 switchport priority extend trust
Reveal Solution Hide Solution   Discussion   16

Correct Answer: D 🗳️

Community vote distribution
D (67%)
B (33%)

Question #292 Topic 1


Refer to the exhibit. Which change to the configuration on Switch2 allows the two switches to establish an EtherChannel?

  • A. Change the LACP mode to desirable
  • B. Change the protocol to PAgP and use auto mode
  • C. Change the LACP mode to active
  • D. Change the protocol to EtherChannel mode on
Reveal Solution Hide Solution   Discussion   2

Correct Answer: C 🗳️

Community vote distribution
C (100%)

Question #293 Topic 1


Refer to the exhibit. An engineer must configure the interface that connects to PC1 and secure it in a way that only PC1 is allowed to use the port. No VLAN tagging can be used except for a voice VLAN. Which command sequence must be entered to configure the switch?

  • A. SW1(config-if)#switchport mode dynamic auto SW1(config-if)#switchport port-security SW1(config-if)#switchport port-security violation restrict
  • B. SW1(config-if)#switchport mode nonegotiate SW1(config-if)#switchport port-security SW1(config-if)#switchport port-security maximum 1
  • C. SW1(config-if)#switchport mode access SW1(config-if)#switchport port-security SW1(config-if)#switchport port-security mac-address 0050.7966.6800
  • D. SW1(config-if)#switchport mode dynamic desirable SW1(config-if)#switchport port-security mac-address 0050.7966.6800 SW1(config-if)#switchport port-security mac-address sticky
Reveal Solution Hide Solution   Discussion   6

Correct Answer: C 🗳️

Community vote distribution
C (100%)

Question #294 Topic 1

Which protocol must be implemented to support separate authorization and authentication solutions for wireless APs?

  • A. RADIUS
  • B. TACACS+
  • C. 802.1X
  • D. Kerberos
Reveal Solution Hide Solution   Discussion   34

Correct Answer: A 🗳️

Community vote distribution
B (98%)
2%

Question #295 Topic 1

Which port type supports the spanning-tree portfast command without additional configuration?

  • A. trunk ports
  • B. Layer 3 sub interfaces
  • C. Layer 3 main interfaces
  • D. access ports
Reveal Solution Hide Solution   Discussion   10

Correct Answer: D 🗳️

Community vote distribution
D (100%)

Question #296 Topic 1


Refer to the exhibit. What are two conclusions about this configuration? (Choose two.)

  • A. The spanning-tree mode is Rapid PVST+
  • B. This tea root bridge
  • C. The spanning-tree mode is PVST+
  • D. The designated port is FastEthernet 2/1
  • E. The root port is FastEthernet 2/1
Reveal Solution Hide Solution   Discussion   9

Correct Answer: AE 🗳️

Community vote distribution
AE (100%)

Question #297 Topic 1

A Cisco engineer must configure a single switch interface to meet these requirements:
✑ Accept untagged frames and place them in VLAN 20
Accept tagged frames in VLAN 30 when CDP detects a Cisco IP phone

Which command set must the engineer apply?

  • A. switchport mode dynamic desirable switchport access vlan 20 switchport trunk allowed vlan 30 switchport voice vlan 30
  • B. switchport mode access switchport access vlan 20 switchport voice vlan 30
  • C. switchport mode dynamic auto switchport trunk native vlan 20 switchport trunk allowed vlan 30 switchport voice vlan 30
  • D. switchport mode trunk switchport access vlan 20 switchport voice vlan 30
Reveal Solution Hide Solution   Discussion   29

Correct Answer: D 🗳️

Community vote distribution
B (85%)
Other

Question #298 Topic 1

What does a switch use to build its MAC address table?

  • A. VTP
  • B. DTP
  • C. ingress traffic
  • D. egress traffic
Reveal Solution Hide Solution   Discussion   3

Correct Answer: C 🗳️

Community vote distribution
C (100%)

Question #299 Topic 1


Refer to the exhibit. The EtherChannel is configured with a speed of 1000 and duplex as full on both ends of channel group 1. What is the next step to configure the channel on switch A to respond to but not initiate LACP communication?

  • A. interface range gigabitethernet0/0/0-15 channel-group 1 mode on
  • B. interface range gigabitethernet0/0/0-15 channel-group 1 mode desirable
  • C. interface port-channel 1 channel-group 1 mode auto
  • D. interface port-channel 1 channel-group 1 mode passive
Reveal Solution Hide Solution   Discussion   26

Correct Answer: D 🗳️

Community vote distribution
D (72%)
A (28%)

Question #300 Topic 1

Which command entered on a switch configured with Rapid PVST+ listens and learns for a specific time period?

  • A. switch(config)#spanning-tree vlan 1 priority 4096
  • B. switch(config)#spanning-tree vlan 1 hello-time 10
  • C. switch(config)#spanning-tree vlan 1 max-age 6
  • D. switch(config)#spanning-tree vlan 1 forward-time 20
Reveal Solution Hide Solution   Discussion   12

Correct Answer: D 🗳️

Community vote distribution
D (83%)
C (17%)

Question #301 Topic 1

What must a network administrator consider when deciding whether to configure a new wireless network with APs in autonomous mode or APs running in cloud- based mode?

  • A. Autonomous mode APs are less dependent on an underlay but more complex to maintain than APs in cloud-based mode.
  • B. Cloud-based mode APs relay on underlays and are more complex to maintain than APs in autonomous mode.
  • C. Cloud-based mode APs are easy to deploy but harder to automate than APs in autonomous mode.
  • D. Autonomous mode APs are easy to deploy and automate than APs in cloud-based mode.
Reveal Solution Hide Solution   Discussion   5

Correct Answer: A 🗳️

Question #302 Topic 1

When a switch receives a frame for an unknown destination MAC address, how is the frame handled?

  • A. flooded to all ports except the origination port
  • B. forwarded to the first available port
  • C. broadcast to all ports on the switch
  • D. inspected and dropped by the switch
Reveal Solution Hide Solution   Discussion   1

Correct Answer: A 🗳️

Question #303 Topic 1

Which state is bypassed in Rapid PVST+ when PortFast is enabled on a port?

  • A. blocking
  • B. forwarding
  • C. learning
  • D. discarding
Reveal Solution Hide Solution   Discussion   5

Correct Answer: C 🗳️

Question #304 Topic 1

What happens when a switch receives a frame with a destination MAC address that recently aged out?

  • A. The switch floods the frame to all ports in all VLANs except the port that received the frame.
  • B. The switch floods the frame to all ports in the VLAN except the port that received the frame.
  • C. The switch references the MAC address aging table for historical addresses on the port that received the frame.
  • D. The switch drops the frame and learns the destination MAC address again from the port that received the frame.
Reveal Solution Hide Solution   Discussion   16

Correct Answer: B 🗳️

Community vote distribution
B (67%)
A (33%)

Question #305 Topic 1

What is a function of store-and forward switching?

  • A. It reduces latency by eliminating error checking within the frame
  • B. It produces an effective level of error-free network traffic using CRCs.
  • C. It buffers frames and forwards regardless of errors within the frames.
  • D. It forwards a frame by checking only the destination MAC address
Reveal Solution Hide Solution   Discussion   3

Correct Answer: B 🗳️

Question #306 Topic 1


Refer to the exhibit. Switch AccSw1 has just been added to the network along with PC2. All VLANs have been implemented on AccSw2. How must the ports on
AccSw2 be configured to establish Layer 2 connectivity between PC1 and PC2?

  • A. interface GigabitEthernet1/2 switchport mode access switchport access vlan 2 ! interface GigabitEthernet1/24 switchport mode trunk
  • B. interface GigabitEthernet1/1 switchport mode access switchport access vlan 11 ! interface GigabitEthernet1/24 switchport mode trunk
  • C. interface GigabitEthernet1/24 switchport mode trunk switchport trunk allowed vlan 11, 12 ! interface GigabitEthernet1/1 switchport access vlan 11
  • D. interface GigabitEthernet1/2 switchport mode access switchport access vlan 12 ! interface GigabitEthernet1/24 switchport mode trunk switchport trunk allowed vlan 11, 12
Reveal Solution Hide Solution   Discussion   13

Correct Answer: B 🗳️

Community vote distribution
B (91%)
9%

Question #307 Topic 1


Refer to the exhibit. A network engineer must update the configuration on Switch2 so that it sends LLDP packets every minute and the information sent via LLDP is refreshed every 3 minutes. Which configuration must the engineer apply?

  • A. Switch2(config)#lldp timer 60 Switch2(config)#lldp tlv-select 180
  • B. Switch2(config)#lldp timer 60 Switch2(config)#lldp holdtime 180
  • C. Switch2(config)#lldp timer 1 Switch2(config)#lldp holdtime 3
  • D. Switch2(config)#lldp timer 1 Switch2(config)#lldp tlv-select 3
Reveal Solution Hide Solution   Discussion   1

Correct Answer: B 🗳️


Reference:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/6-x/system_management/configuration/guide/ b_Cisco_Nexus_9000_Series_NX-OS_System_Management_Configuration_Guide/sm_lldp.pdf

Question #308 Topic 1


Refer to the exhibit. Switch A is newly configured. All VLANs are present in the VLAN database. The IP phone and PC A on Gi0/1 must be configured for the appropriate VLANs to establish connectivity between the PCs. Which command set fulfills the requirement?

  • A. SwitchA(config-if)#switchport mode access SwitchA(config-if)#switchport access vlan 50 SwitchA(config-if)#switchport voice vlan 51
  • B. SwitchA(config-if)#switchport mode trunk SwitchA(config-if)#switchport trunk allowed vlan add 50, 51 SwitchA(config-if)#switchport voice vlan dot1p
  • C. SwitchA(config-if)#switchport mode trunk SwitchA(config-if)#switchport trunk allowed vlan 50, 51 SwitchA(config-if)#mis qos trust cos
  • D. SwitchA(config-if)#switchport mode access SwitchA(config-if)#switchport access vlan 50 SwitchA(config-if)#switchport voice vlan untagged
Reveal Solution Hide Solution   Discussion   5

Correct Answer: A 🗳️

Community vote distribution
A (100%)

Question #309 Topic 1


Refer to the exhibit. Two new switches are being installed. The remote monitoring team uses the support network to monitor both switches. Which configuration is the next step to establish a Layer 2 connection between the two PCs?

  • A. SwitchA(config)#interface GigabitEthernet0/1 SwitchA(config-if)#switchport access vlan 500 SwitchB(config)#interface GigabitEthernet0/1 SwitchB(config-if)#switchport access vlan 500
  • B. SwitchA(config)#interface GigabitEthernet0/1 SwitchA(config-if)#switchport mode trunk SwitchB(config)#interface GigabitEthernet0/1 SwitchB(config-if)#switchport mode trunk
  • C. SwitchA(config)#interface GigabitEthernet0/0 SwitchA(config-if)#switchport trunk allowed vlan 500, 550 SwitchB(config)#interface GigabitEthernet0/0 SwitchB(config-if)#switchport trunk allowed vlan 500, 550
  • D. SwitchA(config)#interface GigabitEthernet0/0 SwitchA(config-if)#spanning-tree portfast SwitchA(config-if)#spanning-tree bpduguard enable SwitchB(config)#interface GigabitEthernet0/0 SwitchB(config-if)#spanning-tree portfast SwitchB(config-if)#spanning-tree bpduguard enable
Reveal Solution Hide Solution   Discussion   8

Correct Answer: A 🗳️

Community vote distribution
A (75%)
C (25%)

Question #310 Topic 1


Refer to the exhibit. An engineer is configuring a new Cisco switch, NewSW, to replace SW2. The details have been provided:
✑ Switches SW1 and SW2 are third-party devices without support for trunk ports.
✑ The existing connections must be maintained between PC1, PC2, and PC3.
✑ Allow the switch to pass traffic from future VLAN 10.
Which configuration must be applied?

  • A. NewSW(config)#interface f0/0 NewSW(config-if)#switchport mode trunk NewSW(config-if)#switchport trunk native vlan 10 NewSW(config-if)#switchport trunk native vlan 10
  • B. NewSW(config)#interface f0/0 NewSW(config-if)#switchport mode access NewSW(config-if)#switchport trunk allowed vlan 2, 10 NewSW(config-if)#switchport trunk native vlan 2
  • C. NewSW(config)#interface f0/0 NewSW(config-if)#switchport mode access NewSW(config-if)#switchport trunk allowed vlan 2, 10 NewSW(config-if)#switchport trunk native vlan 10
  • D. NewSW(config)#interface f0/0 NewSW(config-if)#switchport mode trunk NewSW(config-if)#switchport trunk allowed vlan 2, 10 NewSW(config-if)#switchport trunk native vlan 2
Reveal Solution Hide Solution   Discussion   24

Correct Answer: D 🗳️

Community vote distribution
D (68%)
B (32%)

Question #311 Topic 1

Which WLC interface provides out-of-band management in the Cisco Unified Wireless Network Architecture?

  • A. AP-Manager
  • B. service port
  • C. dynamic
  • D. virtual
Reveal Solution Hide Solution   Discussion   2

Correct Answer: B 🗳️

Community vote distribution
B (100%)

Question #312 Topic 1


Refer to the exhibit. The network engineer is configuring a new WLAN and is told to use a setup password for authentication instead of the RADIUS servers.
Which additional set of tasks must the engineer perform to complete the configuration?

  • A. Disable PMF Enable PSK Enable 802.1x
  • B. Select WPA Policy Enable CCKM Enable PSK
  • C. Select WPA Policy Select WPA2 Policy Enable FT PSK
  • D. Select WPA2 Policy Disable PMF Enable PSK
Reveal Solution Hide Solution   Discussion   17

Correct Answer: D 🗳️

Community vote distribution
D (62%)
B (27%)
12%

Question #313 Topic 1

Which mode must be set for Aps to communicate to a Wireless LAN Controller using the Control and Provisioning of Wireless Access Points (CAPWAP) protocol?

  • A. route
  • B. bridge
  • C. lightweight
  • D. autonomous
Reveal Solution Hide Solution   Discussion   3

Correct Answer: C 🗳️

Question #314 Topic 1

Which switch technology establishes a network connection immediately when it is plugged in?

  • A. PortFast
  • B. BPDU guard
  • C. UplinkFast
  • D. BackboneFast
Reveal Solution Hide Solution   Discussion   10

Correct Answer: A 🗳️

Community vote distribution
A (83%)
C (17%)

Question #315 Topic 1

Which command on a port enters the forwarding state immediately when a PC is connected to it?

  • A. switch(config)#spanning-tree portfast default
  • B. switch(config)#spanning-tree portfast bpduguard default
  • C. switch(config-if)#spanning-tree portfast trunk
  • D. switch(config-if)#no spanning-tree portfast
Reveal Solution Hide Solution   Discussion   7

Correct Answer: A 🗳️

Community vote distribution
A (100%)

Question #316 Topic 1

If a switch port receives a new frame while it is actively transmitting a previous frame, how does it process the frames?

  • A. The new frame is delivered first, the previous frame is dropped, and a retransmission request is sent
  • B. The previous frame is delivered, the new frame is dropped, and a retransmission request is sent
  • C. The new frame is placed in a queue for transmission after the previous frame
  • D. The two frames are processed and delivered at the same time
Reveal Solution Hide Solution   Discussion   5

Correct Answer: C 🗳️

Community vote distribution
C (100%)

Question #317 Topic 1


Refer to the exhibit. The entire MAC address table for SW1 is shown here:

What does SW1 do when Br-4 sends a frame for Br-2

  • A. It performs a lookup in the MAC address table for Br-4 and discards toe frame due to a missing entry.
  • B. It floods the frame out or all ports except on the port where Br-2 is connected.
  • C. It Inserts the source MAC address and port into the forwarding table and forwards the frame to Br-2.
  • D. It maps the Layer 2 MAC address for Fa0/3 to the Layer 3 IP address and towards the frame.
Reveal Solution Hide Solution   Discussion   3

Correct Answer: C 🗳️

Question #318 Topic 1

Which statement about Link Aggregation when implemented on a Cisco Wireless LAN Controller is true?

  • A. To pass client traffic two or more ports must be configured
  • B. The EtherChannel must be configured in ג€mode activeג€
  • C. When enabled, the WLC bandwidth drops to 500 Mbps
  • D. One functional physical port is needed to pass client traffic
Reveal Solution Hide Solution   Discussion   2

Correct Answer: D 🗳️

Community vote distribution
D (100%)

Question #319 Topic 1


Refer to the exhibit. An engineer is configuring an EtherChannel using LACP between Switches 1 and 2.
Which configuration must be applied so that only Switch 1 sends LACP initiation packets?
A.

B.

C.

D.

Reveal Solution Hide Solution   Discussion   2

Correct Answer: B

Question #320 Topic 1



Refer to the exhibit. The entire Marketing-SW1 MAC address table is shown here:
What does the switch do when PC-4 sends a frame to PC-1?

  • A. It performs a lookup in the MAC address table and discards the frame due to a missing entry.
  • B. It maps the Layer 2 MAC address to the Layer 3 IP address and forwards the frame.
  • C. It inserts the source MAC address and port into the table and forwards the frame to PC-1.
  • D. It floods the frame out of all ports except on the port where PC-1 is connected.
Reveal Solution Hide Solution   Discussion  

Correct Answer: C 🗳️

Question #321 Topic 1


Refer to the exhibit. All VLANs are present in the VLAN database. Which command sequence must be applied to complete the configuration?
A.

B.

C.

D.

Reveal Solution Hide Solution   Discussion   4

Correct Answer: A

Question #322 Topic 1



Refer to the exhibit. Which switch becomes the root of a spanning tree for VLAN 10 if the primary switch fails and all links are of equal speed?

  • A. SW1
  • B. SW2
  • C. SW3
  • D. SW4
Reveal Solution Hide Solution   Discussion   80

Correct Answer: C 🗳️

Question #323 Topic 1


Refer to the exhibit. Host A sent a data frame destined for host D.

What does the switch do when it receives the frame from host A?

  • A. It floods the frame out of all ports except port Fa0/1
  • B. It experiences a broadcast storm
  • C. It shuts down the port Fa0/1 and places it in err-disable mode
  • D. It drops the frame from the switch CAM table
Reveal Solution Hide Solution   Discussion   1

Correct Answer: A 🗳️

Question #324 Topic 1



Refer to the exhibit. Which switch becomes the root of the spanning tree?

  • A. Switch 1
  • B. Switch 2
  • C. Switch 3
  • D. Switch 4
Reveal Solution Hide Solution   Discussion   1

Correct Answer: B 🗳️
The root bridge is the bridge with the lowest Bridge ID. All the decisions like which ports are the root ports (the port with the best path to the root bridge) are made from the perspective of the root bridge. In case of a tie (not the case in this example) then the root bridge will be the switch with the lowest MAC address.

Question #325 Topic 1

Which channel-group mode must be configured when multiple distribution interfaces connected to a WLC are bundled?

  • A. Channel-group mode passive.
  • B. Channel-group mode on.
  • C. Channel-group mode desirable.
  • D. Channel-group mode active.
Reveal Solution Hide Solution   Discussion   3

Correct Answer: B 🗳️

Question #326 Topic 1



Refer to the exhibit. Which switch become the root of a spanning tree for VLAN 20 if all links are of equal speed?

  • A. SW1
  • B. SW2
  • C. SW3
  • D. SW4
Reveal Solution Hide Solution   Discussion   3

Correct Answer: A 🗳️

Question #327 Topic 1

Which Layer 2 switch function encapsulates packets for different VLANs so that the packets transverse the same port and maintain traffic separation between the
VLANs?

  • A. VLAN marking
  • B. VLAN numbering
  • C. VLAN DSCP
  • D. VLAN tagging
Reveal Solution Hide Solution   Discussion   1

Correct Answer: D 🗳️

Question #328 Topic 1

Which value is the unique identifier that an access point uses to establish and maintain wireless connectivity to wireless network devices?

  • A. VLAN ID
  • B. SSID
  • C. RFID
  • D. WLAN ID
Reveal Solution Hide Solution   Discussion   8

Correct Answer: B 🗳️

Question #329 Topic 1

An engineer must configure neighbor discovery between the company router and an ISP.

What is the next step to complete the configuration if the ISP uses a third-party router?

  • A. Enable LLDP globally.
  • B. Disable CDP on gi0/0.
  • C. Enable LLDP TLVs on the ISP router.
  • D. Disable auto-negotiation.
Reveal Solution Hide Solution   Discussion   7

Correct Answer: A 🗳️

Question #330 Topic 1

DRAG DROP -
Drag and drop the facts about wireless architectures from the left onto the types of access point on the right. Not all options are used.
Select and Place:

Reveal Solution Hide Solution   Discussion   4

Correct Answer:

Question #331 Topic 1

What is a function of MAC learning on a switch?

  • A. MAC address learning is disabled by default on all VLANs.
  • B. Frames received for a destination MAC address not listed in the address table are dropped.
  • C. The MAC address table is used to populate the ARP table.
  • D. A static MAC address is manually added to the MAC table.
Reveal Solution Hide Solution   Discussion   24

Correct Answer: D 🗳️

Question #332 Topic 1

What does a switch do when it receives a frame whose destination MAC address is missing from the MAC address table?

  • A. It changes the checksum of the frame to a value that indicates an invalid frame.
  • B. It updates the CAM table with the destination MAC address of the frame.
  • C. It appends the table with a static entry for the MAC and shuts down the port.
  • D. It floods the frame unchanged across all remaining ports in the incoming VLAN.
Reveal Solution Hide Solution   Discussion   5

Correct Answer: D 🗳️

Question #333 Topic 1

By default, how long will the switch continue to know a workstation MAC address after the workstation stops sending traffic?

  • A. 200 seconds
  • B. 300 seconds
  • C. 600 seconds
  • D. 900 seconds
Reveal Solution Hide Solution   Discussion   3

Correct Answer: B 🗳️

Question #334 Topic 1

A project objective is to minimize the association time to the different access points as mobile devices move around the office. The ideal solution must cover numerous devices and device types, including laptops, mobile phones, tablets and wireless printers. What must be configured?

  • A. 802.11v BSS Max Idle Service
  • B. 802.11v Disassociation Imminent
  • C. 802.11ax BSS configure
  • D. 802.11k neighbor List Dual Band
Reveal Solution Hide Solution   Discussion   14

Correct Answer: B 🗳️

Question #335 Topic 1

Which two protocols are used by an administrator for authentication and configuration on access points? (Choose two.)

  • A. 802.1Q
  • B. RADIUS
  • C. Kerberos
  • D. TACACS+
  • E. 802.1x
Reveal Solution Hide Solution   Discussion   3

Correct Answer: BD 🗳️

Question #336 Topic 1

DRAG DROP -
Drag and drop the statements about access-point modes from the left onto the corresponding modes on the right.
Select and Place:

Reveal Solution Hide Solution   Discussion   15

Correct Answer:

Question #337 Topic 1

A WLC sends alarms about a rogue AP, and the network administrator verifies that the alarms are caused by a legitimate autonomous AP. How must the alarms be stopped for the MAC address of the AP?

  • A. Remove the AP from WLC management
  • B. Place the AP into manual containment.
  • C. Manually remove the AP from Pending state.
  • D. Set the AP Class Type to Friendly.
Reveal Solution Hide Solution   Discussion   12

Correct Answer: B 🗳️

Question #338 Topic 1

What is one reason to implement LAG on a Cisco WLC?

  • A. to increase security and encrypt management frames
  • B. to enable connected switch ports to failover and use different VLANs
  • C. to provide link redundancy and load balancing
  • D. to allow for stateful and link-state failover
Reveal Solution Hide Solution   Discussion   3

Correct Answer: C 🗳️

Question #339 Topic 1

When an access point is seeking to join wireless LAN controller, which message is sent to the AP-Manager interface?

  • A. Discovery response
  • B. DHCP request
  • C. DHCP discover
  • D. Discovery request
Reveal Solution Hide Solution   Discussion   16

Correct Answer: C 🗳️
The LAPs always connect to the management interface address of the controller first with a discovery request. The controller then tells the LAP the Layer 3 AP- manager interface (which can also be the management by default) IP address so the LAP can send a join request to the AP-manager interface next.
Reference:
https://www.cisco.com/c/en/us/support/docs/wireless/5500-series-wireless-controllers/119286-lap-notjoin-wlc-tshoot.html

Question #340 Topic 1


Refer to the exhibit. A network engineer configures the Cisco WLC to authenticate local wireless clients against a RADIUS server. Which task must be performed to complete the process?

  • A. Change the Support for CoA to Enabled
  • B. Select Enable next to Management
  • C. Select Enable next to Network User
  • D. Change the Server Status to Disabled
Reveal Solution Hide Solution   Discussion   7

Correct Answer: C 🗳️

Question #341 Topic 1

After installing a new Cisco ISE server which task must the engineer perform on the Cisco WLC to connect wireless clients on a specific VLAN based on their credentials?

  • A. Disable the LAG Mode on Next Reboot.
  • B. Enable the Event Driven RRM.
  • C. Enable the Allow AAA Override.
  • D. Enable the Authorize MIC APs against auth-list or AAA
Reveal Solution Hide Solution   Discussion   8

Correct Answer: C 🗳️

Question #342 Topic 1

Refer to the exhibit. Router R1 is running three different routing protocols. Which route characteristic is used by the router to forward the packet that it receives for destination IP 172.16.32.1?

  • A. longest prefix
  • B. administrative distance
  • C. cost
  • D. metric
Reveal Solution Hide Solution   Discussion   27

Correct Answer: A 🗳️

Question #343 Topic 1

Refer to the exhibit. Router R1 Fa0/0 cannot ping router R3 Fa0/1. Which action must be taken in router R1 to help resolve the configuration issue?

  • A. set the default gateway as 20.20.20.2
  • B. configure a static route with Fa0/1 as the egress interface to reach the 20.20.2.0/24 network
  • C. configure a static route with 10.10.10.2 as the next hop to reach the 20.20.20.0/24 network
  • D. set the default network as 20.20.20.0/24
Reveal Solution Hide Solution   Discussion   4

Correct Answer: C 🗳️

Question #344 Topic 1

By default, how does EIGRP determine the metric of a route for the routing table?

  • A. It uses the bandwidth and delay values of the path to calculate the route metric.
  • B. It uses a default metric of 10 for all routes that are learned by the router.
  • C. It counts the number of hops between the receiving and destination routers and uses that value as the metric.
  • D. It uses a reference bandwidth and the actual bandwidth of the connected link to calculate the route metric.
Reveal Solution Hide Solution   Discussion   11

Correct Answer: A 🗳️

Question #345 Topic 1

Router R1 must send all traffic without a matching routing-table entry to 192.168.1.1. Which configuration accomplishes this task?

  • A. R1#config t R1(config)#ip routing R1(config)#ip route default-route 192.168.1.1
  • B. R1#config t R1(config)#ip routing R1(config)#ip route 192.168.1.1 0.0.0.0 0.0.0.0
  • C. R1#config t R1(config)#ip routing R1(config)#ip route 0.0.0.0 0.0.0.0 192.168.1.1
  • D. R1#config t R1(config)#ip routing R1(config)#ip default-gateway 192.168.1.1
Reveal Solution Hide Solution   Discussion   11

Correct Answer: C 🗳️

Question #346 Topic 1

A packet is destined for 10.10.1.22. Which static route does the router choose to forward the packet?

  • A. ip route 10.10.1.0 255.255.255.240 10.10.255.1
  • B. ip route 10.10.1.20 255.255.255.252 10.10.255.1
  • C. ip route 10.10.1.16 255.255.255.252 10.10.255.1
  • D. ip route 10.10.1.20 255.255.255.254 10.10.255.1
Reveal Solution Hide Solution   Discussion   20

Correct Answer: B 🗳️

Question #347 Topic 1


Refer to the exhibit. How does the router manage traffic to 192.168.12.16?

  • A. It chooses the EIGRP route because it has the lowest administrative distance.
  • B. It load-balances traffic between all three routes.
  • C. It chooses the OSPF route because it has the longest prefix inclusive of the destination address.
  • D. It selects the RIP route because it has the longest prefix inclusive of the destination address.
Reveal Solution Hide Solution   Discussion   58

Correct Answer: D 🗳️

Question #348 Topic 1

What are two reasons for an engineer to configure a floating static route? (Choose two.)

  • A. to enable fallback static routing when the dynamic routing protocol fails
  • B. to route traffic differently based on the source IP of the packet
  • C. to automatically route traffic on a secondary path when the primary path goes down
  • D. to support load balancing via static routing
  • E. to control the return path of traffic that is sent from the router
Reveal Solution Hide Solution   Discussion   6

Correct Answer: AC 🗳️

Question #349 Topic 1


Refer to the exhibit. How does router R1 handle traffic to 192.168.10.16?

  • A. It selects the IS-IS route because it has the shortest prefix inclusive of the destination address
  • B. It selects the RIP route because it has the longest prefix inclusive of the destination address
  • C. It selects the OSPF route because it has the lowest cost
  • D. It selects the EIGRP route because it has the lowest administrative distance
Reveal Solution Hide Solution   Discussion   5

Correct Answer: B 🗳️

Question #350 Topic 1


Refer to the exhibit. A router received these five routes from different routing information sources. Which two routes does the router install in its routing table?
(Choose two.)

  • A. OSPF route 10.0.0.0/30
  • B. IBGP route 10.0.0.0/30
  • C. OSPF route 10.0.0.0/16
  • D. EIGRP route 10.0.0.1/32
  • E. RIP route 10.0.0.0/30
Reveal Solution Hide Solution   Discussion   27

Correct Answer: AD 🗳️

Question #351 Topic 1


Refer to the exhibit. To which device does Router1 send packets that are destined to host 10.10.13.165?

  • A. Router2
  • B. Router3
  • C. Router4
  • D. Router5
Reveal Solution Hide Solution   Discussion   19

Correct Answer: B 🗳️

Question #352 Topic 1

R1 has learned route 10.10.10.0/24 via numerous routing protocols. Which route is installed?

  • A. route with the next hop that has the highest IP
  • B. route with the lowest cost
  • C. route with the lowest administrative distance
  • D. route with the shortest prefix length
Reveal Solution Hide Solution   Discussion   12

Correct Answer: C 🗳️

Question #353 Topic 1

Which two minimum parameters must be configured on an active interface to enable OSPFV2 to operate? (Choose two.)

  • A. OSPF process ID
  • B. OSPF MD5 authentication key
  • C. OSPF stub flag
  • D. IPv6 address
  • E. OSPF area
Reveal Solution Hide Solution   Discussion   14

Correct Answer: AE 🗳️

Question #354 Topic 1

Refer to the exhibit. What commands are needed to add a sub-interface to Ethernet0/0 on R1 to allow for VLAN 20, with IP address 10.20.20.1/24?

  • A. R1(config)#interface ethernet0/0 R1(config-if)#encapsulation dot1q 20 R1(config-if)#ip address 10.20.20.1 255.255.255.0
  • B. R1(config)#interface ethernet0/0.20 R1(config-if)#encapsulation dot1q 20 R1(config-if)#ip address 10.20.20.1 255.255.255.0
  • C. R1(config)#interface ethernet0/0.20 R1(config-if)#ip address 10.20.20.1 255.255.255.0
  • D. R1(config)#interface ethernet0/0 R1(config-if)#ip address 10.20.20.1 255.255.255.0
Reveal Solution Hide Solution   Discussion   9

Correct Answer: B 🗳️

Question #355 Topic 1


Refer to the exhibit. What does router R1 use as its OSPF router-ID?

  • A. 10.10.1.10
  • B. 10.10.10.20
  • C. 172.16.15.10
  • D. 192.168.0.1
Reveal Solution Hide Solution   Discussion   5

Correct Answer: C 🗳️
OSPF uses the following criteria to select the router ID:
1. Manual configuration of the router ID (via the ג€router-id x.x.x.xג€ command under OSPF router configuration mode).
2. Highest IP address on a loopback interface.
3. Highest IP address on a non-loopback and active (no shutdown) interface.

Question #356 Topic 1


Refer to the exhibit. The loopback1 interface of the Atlanta router must reach the loopback3 interface of the Washington router. Which two static host routes must be configured on the New York router? (Choose two.)

  • A. ipv6 route 2000::3/128 s0/0/0
  • B. ipv6 route 2000::1/128 s0/0/1
  • C. ipv6 route 2000::1/128 2012::1
  • D. ipv6 route 2000::1/128 2012::2
  • E. ipv6 route 2000::3/128 2023::3
Reveal Solution Hide Solution   Discussion   18

Correct Answer: CE 🗳️

Question #357 Topic 1


Refer to the exhibit. After the configuration is applied, the two routers fail to establish an OSPF neighbor relationship. What is the reason for the problem?

  • A. The OSPF process IDs are mismatched
  • B. The network statement on Router1 is misconfigured
  • C. Router2 is using the default hello timer
  • D. The OSPF router IDs are mismatched
Reveal Solution Hide Solution   Discussion   15

Correct Answer: C 🗳️

Question #358 Topic 1


Refer to the exhibit. Which route type is configured to reach the Internet?

  • A. floating static route
  • B. host route
  • C. network route
  • D. default route
Reveal Solution Hide Solution   Discussion   14

Correct Answer: D 🗳️

Question #359 Topic 1


Refer to the exhibit. Which path is used by the router for Internet traffic?

  • A. 209.165.200.0/27
  • B. 0.0.0.0/0
  • C. 10.10.13.0/24
  • D. 10.10.10.0/28
Reveal Solution Hide Solution   Discussion   8

Correct Answer: B 🗳️

Question #360 Topic 1

When OSPF learns multiple paths to a network, how does it select a route?

  • A. For each existing interface, it adds the metric from the source router to the destination to calculate the route with the lowest bandwidth.
  • B. It counts the number of hops between the source router and the destination to determine the route with the lowest metric.
  • C. It divides a reference bandwidth of 100 Mbps by the actual bandwidth of the exiting interface to calculate the route with the lowest cost.
  • D. It multiplies the active K values by 256 to calculate the route with the lowest metric.
Reveal Solution Hide Solution   Discussion   17

Correct Answer: C 🗳️

Question #361 Topic 1

When a floating static route is configured, which action ensures that the backup route is used when the primary route fails?

  • A. The administrative distance must be higher on the primary route so that the backup route becomes secondary.
  • B. The default-information originate command must be configured for the route to be installed into the routing table.
  • C. The floating static route must have a lower administrative distance than the primary route so it is used as a backup.
  • D. The floating static route must have a higher administrative distance than the primary route so it is used as a backup
Reveal Solution Hide Solution   Discussion   5

Correct Answer: D 🗳️

Question #362 Topic 1


Refer to the exhibit. The show ip ospf interface command has been executed on R1. How is OSPF configured?

  • A. A point-to-point network type is configured.
  • B. The interface is not participating in OSPF.
  • C. The default Hello and Dead timers are in use.
  • D. There are six OSPF neighbors on this interface.
Reveal Solution Hide Solution   Discussion   5

Correct Answer: C 🗳️
From the output we can see there are Designated Router & Backup Designated Router for this OSPF domain so this is a broadcast network (point-to-point and point-to-multipoint networks do not elect DR & BDR).
By default, the timers on a broadcast network (Ethernet, point-to-point and point-to-multipoint) are 10 seconds hello and 40 seconds dead. The timers on a non- broadcast network are 30 seconds hello 120 seconds dead.
From the line ג€Neighbor Count is 3ג€, we learn there are four OSPF routers in this OSPF domain.
Reference:
https://www.cisco.com/c/en/us/support/docs/ip/open-shortest-path-first-ospf/13689-17.html

Question #363 Topic 1

A user configured OSPF and advertised the Gigabit Ethernet interface in OSPF. By default, to which type of OSPF network does this interface belong?

  • A. point-to-multipoint
  • B. point-to-point
  • C. broadcast
  • D. nonbroadcast
Reveal Solution Hide Solution   Discussion   9

Correct Answer: C 🗳️
The Broadcast network type is the default for an OSPF enabled ethernet interface (while Point-to-Point is the default OSPF network type for Serial interface with
HDLC and PPP encapsulation).
Reference:
https://www.oreilly.com/library/view/cisco-ios-cookbook/0596527225/ch08s15.html

Question #364 Topic 1

Which attribute does a router use to select the best path when two or more different routes to the same destination exist from two different routing protocols?

  • A. dual algorithm
  • B. metric
  • C. administrative distance
  • D. hop count
Reveal Solution Hide Solution   Discussion   5

Correct Answer: C 🗳️
Administrative distance is the feature used by routers to select the best path when there are two or more different routes to the same destination from different routing protocols. Administrative distance defines the reliability of a routing protocol.

Question #365 Topic 1

Router A learns the same route from two different neighbors; one of the neighbor routers is an OSPF neighbor, and the other is an EIGRP neighbor.
What is the administrative distance of the route that will be installed in the routing table?

  • A. 20
  • B. 90
  • C. 110
  • D. 115
Reveal Solution Hide Solution   Discussion   4

Correct Answer: B 🗳️
The Administrative distance (AD) of EIGRP is 90 while the AD of OSPF is 110 so EIGRP route will be chosen to install into the routing table.

Question #366 Topic 1


Refer to the exhibit. An engineer is bringing up a new circuit to the MPLS provider on the Gi0/1 interface of Router 1. The new circuit uses eBGP and learns the route to VLAN25 from the BGP path.
What is the expected behavior for the traffic flow for route 10.10.13.0/25?

  • A. Traffic to 10.10.13.0/25 is load balanced out of multiple interfaces.
  • B. Traffic to 10.10.13.0/25 is asymmetrical.
  • C. Route 10.10.13.0/25 is updated in the routing table as being learned from interface Gi0/1.
  • D. Route 10.10.13.0/25 learned via the Gi0/0 interface remains in the routing table.
Reveal Solution Hide Solution   Discussion   65

Correct Answer: D 🗳️
The AD of eBGP (20) is smaller than that of OSPF (110) so the route to 10.10.13.0/25 will be updated as being learned from the new BGP path.

Question #367 Topic 1

Which two actions influence the EIGRP route selection process? (Choose two.)

  • A. The advertised distance is calculated by a downstream neighbor to inform the local router of the bandwidth on the link.
  • B. The router calculates the feasible distance of all paths to the destination route.
  • C. The router must use the advertised distance as the metric for any given route.
  • D. The router calculates the best backup path to the destination route and assigns it as the feasible successor.
  • E. The router calculates the reported distance by multiplying the delay on the exiting interface by 256.
Reveal Solution Hide Solution   Discussion   13

Correct Answer: BD 🗳️
The reported distance (or advertised distance) is the cost from the neighbor to the destination. It is calculated from the router advertising the route to the network.
For example in the topology below, suppose router A & B are exchanging their routing tables for the first time. Router B says ג€Hey, the best metric (cost) from me to IOWA is 50 and the metric from you to IOWA is 90ג€ and advertises it to router A. Router A considers the first metric (50) as the Advertised distance. The second metric (90), which is from NEVADA to IOWA (through IDAHO), is called the Feasible distance.

The reported distance is calculated in the same way of calculating the metric. By default (K1 = 1, K2 = 0, K3 = 1, K4 = 0, K5 = 0), the metric is calculated as follows:

Feasible successor is the backup route. To be a feasible successor, the route must have an Advertised distance (AD) less than the Feasible distance (FD) of the current successor route.
Feasible distance (FD): The sum of the AD plus the cost between the local router and the next-hop router. The router must calculate the FD of all paths to choose the best path to put into the routing table.
Note: Although the new CCNA exam does not have EIGRP topic but you should learn the basic knowledge of this routing protocol.

Question #368 Topic 1


Refer to the exhibit. If OSPF is running on this network, how does Router2 handle traffic from Site B to 10.10.13.128/25 at Site A?

  • A. It sends packets out of interface Fa0/1 only.
  • B. It sends packets out of interface Fa0/2 only.
  • C. It load-balances traffic out of Fa0/1 and Fa0/2.
  • D. It cannot send packets to 10.10.13.128/25.
Reveal Solution Hide Solution   Discussion   11

Correct Answer: D 🗳️
Router2 does not have an entry for the subnet 10.10.13.128/25. It only has an entry for 10.10.13.0/25, which ranges from 10.10.13.0 to 10.10.13.127.

Question #369 Topic 1

Which two outcomes are predictable behaviors for HSRP? (Choose two.)

  • A. The two routers negotiate one router as the active router and the other as the standby router.
  • B. The two routers share the same interface IP address, and default gateway traffic is load-balanced between them.
  • C. The two routers synchronize configurations to provide consistent packet forwarding.
  • D. Each router has a different IP address, both routers act as the default gateway on the LAN, and traffic is load-balanced between them.
  • E. The two routers share a virtual IP address that is used as the default gateway for devices on the LAN.
Reveal Solution Hide Solution   Discussion   13

Correct Answer: AE 🗳️

Question #370 Topic 1


Refer to the exhibit. An engineer is configuring the New York router to reach the Lo1 interface of the Atlanta router using interface Se0/0/0 as the primary path.
Which two commands must be configured on the New York router so that it reaches the Lo1 interface of the Atlanta router via Washington when the link between
New York and Atlanta goes down? (Choose two.)

  • A. Ipv6 route 2000::1/128 2012::1
  • B. Ipv6 route 2000::1/128 2012::1 5
  • C. Ipv6 route 2000::1/128 2012::2
  • D. Ipv6 route 2000::1/128 2023::2 5
  • E. Ipv6 route 2000::1/128 2023::3 5
Reveal Solution Hide Solution   Discussion   23

Correct Answer: AE 🗳️
Floating static routes are static routes that have an administrative distance greater than the administrative distance (AD) of another static route or dynamic routes.
By default a static route has an AD of 1 then floating static route must have the AD greater than 1. Floating static route has a manually configured administrative distance greater than that of the primary route and therefore would not be in the routing table until the primary route fails.

Question #371 Topic 1

How does HSRP provide first hop redundancy?

  • A. It load-balances Layer 2 traffic along the path by flooding traffic out all interfaces configured with the same VLAN.
  • B. It uses a shared virtual MAC and a virtual IP address to a group of routers that serve as the default gateway for hosts on a LAN.
  • C. It forwards multiple packets to the same destination over different routed links in the data path.
  • D. It load-balances traffic by assigning the same metric value to more than one route to the same destination in the IP routing table.
Reveal Solution Hide Solution   Discussion   4

Correct Answer: B 🗳️
Reference:
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipapp_fhrp/configuration/xe-16/fhp-xe-16-book/fhp-hsrp-mgo.html

Question #372 Topic 1

Refer to the exhibit. Which action establishes the OSPF neighbor relationship without forming an adjacency?

  • A. modify hello interval
  • B. modify process ID
  • C. modify priority
  • D. modify network type
Reveal Solution Hide Solution   Discussion   38

Correct Answer: A 🗳️

Question #373 Topic 1

Which command must you enter to guarantee that an HSRP router with higher priority becomes the HSRP primary router after it is reloaded?

  • A. standby 10 preempt
  • B. standby 10 version 1
  • C. standby 10 priority 150
  • D. standby 10 version 2
Reveal Solution Hide Solution   Discussion   7

Correct Answer: A 🗳️
The ג€preemptג€ command enables the HSRP router with the highest priority to immediately become the active router.

Question #374 Topic 1

Which command should you enter to verify the priority of a router in an HSRP group?

  • A. show hsrp
  • B. show sessions
  • C. show interfaces
  • D. show standby
Reveal Solution Hide Solution   Discussion   3

Correct Answer: D 🗳️
The following is sample output from the show standby command:

Question #375 Topic 1

Refer to the exhibit. Which command would you use to configure a static route on Router1 to network 192.168.202.0/24 with a nondefault administrative distance?

  • A. router1(config)#ip route 192.168.202.0 255.255.255.0 192.168.201.2 1
  • B. router1(config)#ip route 192.168.202.0 255.255.255.0 192.168.201.2 5
  • C. router1(config)#ip route 1 192.168.201.1 255.255.255.0 192.168.201.2
  • D. router1(config)#ip route 5 192.168.202.0 255.255.255.0 192.168.201.2
Reveal Solution Hide Solution   Discussion   5

Correct Answer: B 🗳️
The default AD of static route is 1 so we need to configure another number for the static route.

Question #376 Topic 1

Which of the following dynamic routing protocols are Distance Vector routing protocols?

  • A. IS-IS
  • B. EIGRP
  • C. OSPF
  • D. BGP
  • E. RIP
Reveal Solution Hide Solution   Discussion   14

Correct Answer: BE 🗳️

Question #377 Topic 1

You have configured a router with an OSPF router ID, but its IP address still reflects the physical interface.
Which action can you take to correct the problem in the least disruptive way?

  • A. Reload the OSPF process
  • B. Specify a loopback address
  • C. Reboot the router
  • D. Save the router configuration
Reveal Solution Hide Solution   Discussion   6

Correct Answer: A 🗳️
Once an OSPF Router ID selection is done, it remains there even if you remove it or configure another OSPF Router ID. So the least disruptive way is to correct it using the command ג€clear ip ospf processג€.

Question #378 Topic 1

Which command should you enter to view the error log in an EIGRP for IPv6 environment?

  • A. show ipv6 eigrp neighbors
  • B. show ipv6 eigrp topology
  • C. show ipv6 eigrp traffic
  • D. show ipv6 eigrp events
Reveal Solution Hide Solution   Discussion   5

Correct Answer: D 🗳️

Question #379 Topic 1

Refer to the exhibit. Which two statements about the network environment of router R1 must be true? (Choose two.)

Refer to the exhibit. Router R1 must be configured to reach the 10.0.3.0/24 network from the 10.0.1.0/24 segment. Which command must be used to configure the route?

  • A. route add 10.0.3.0 0.255.255.255 10.0.4.2
  • B. ip route 10.0.3.0 0.255.255.255 10.0.4.2
  • C. route add 10.0.3.0 mask 255.255.255.0 10.0.4.3
  • D. ip route 10.0.3.0 255.255.255.0 10.0.4.3
Reveal Solution Hide Solution   Discussion   2

Correct Answer: D 🗳️

Question #380 Topic 1


  • A. The EIGRP administrative distance was manually changed from 90 to 170.
  • B. There are 20 different network masks within the 10.0.0.0/8 network.
  • C. Ten routes are equally load-balanced between Te0/1/0.100 and Te0/2/0.100.
  • D. The 10.0.0.0/8 network was learned via external EIGRP.
  • E. A static default route to 10.85.33.14 was defined.
Reveal Solution Hide Solution   Discussion   12

Correct Answer: BC 🗳️

Question #381 Topic 1

Which two statements about exterior routing protocols are true? (Choose two.)

  • A. They determine the optimal within an autonomous system.
  • B. They determine the optimal path between autonomous systems.
  • C. BGP is the current standard exterior routing protocol.
  • D. Most modern networking supports both EGP and BGP for external routing.
  • E. Most modern network routers support both EGP and EIGRP for external routing.
Reveal Solution Hide Solution   Discussion   6

Correct Answer: BC 🗳️

Question #382 Topic 1

You have two paths for the 10.10.10.0 network - one that has a feasible distance of 3072 and the other of 6144.
What do you need to do to load balance your EIGRP routes?

  • A. Change the maximum paths to 2
  • B. Change the configuration so they both have the same feasible distance
  • C. Change the variance for the path that has a feasible distance of 3072 to 2
  • D. Change the IP addresses so both paths have the same source IP address
Reveal Solution Hide Solution   Discussion   16

Correct Answer: BC 🗳️
Every routing protocol supports equal cost path load balancing. In addition, Interior Gateway Routing Protocol (IGRP) and EIGRP also support unequal cost path load balancing. Use the variance n command in order to instruct the router to include routes with a metric of less than n times the minimum metric route for that destination. The variable n can take a value between 1 and 128. The default is 1, which means equal cost load balancing. Traffic is also distributed among the links with unequal costs, proportionately, with respect to the metric.
Reference:
https://www.cisco.com/c/en/us/support/docs/ip/enhanced-interior-gateway-routing-protocol-eigrp/13677-19.html#topic1

Question #383 Topic 1

DRAG DROP -
Drag each route source from the left to the numbers on the right. Beginning with the lowest and ending with the highest administrative distance.
Select and Place:

Reveal Solution Hide Solution   Discussion   7

Correct Answer:

Question #384 Topic 1

Which two circumstances can prevent two routers from establishing an OSPF neighbor adjacency? (Choose two.)

  • A. mismatched autonomous system numbers
  • B. an ACL blocking traffic from multicast address 224.0.0.10
  • C. mismatched process IDs
  • D. mismatched hello timers and dead timers
  • E. use of the same router ID on both devices
Reveal Solution Hide Solution   Discussion   17

Correct Answer: DE 🗳️

Question #385 Topic 1

Which three describe the reasons large OSPF networks use a hierarchical design? (Choose three.)

  • A. to speed up convergence
  • B. to reduce routing overhead
  • C. to lower costs by replacing routers with distribution layer switches
  • D. to decrease latency by increasing bandwidth
  • E. to confine network instability to single areas of the network
  • F. to reduce the complexity of router configuration
Reveal Solution Hide Solution   Discussion   9

Correct Answer: ABE 🗳️

Question #386 Topic 1

Refer to the exhibit. If R1 receives a packet destined to 172.16.1.1, to which IP address does it send the packet?

  • A. 192.168.14.4
  • B. 192.168.12.2
  • C. 192.168.13.3
  • D. 192.168.15.5
Reveal Solution Hide Solution   Discussion   8

Correct Answer: A 🗳️

Question #387 Topic 1

Refer to the exhibit. On R1 which routing protocol is in use on the route to 192.168.10.1?

  • A. RIP
  • B. OSPF
  • C. IGRP
  • D. EIGRP
Reveal Solution Hide Solution   Discussion   12

Correct Answer: D 🗳️

Question #388 Topic 1

Refer to the exhibit. Which Command do you enter so that R1 advertises the loopback0 interface to the BGP Peers?

  • A. Network 172.16.1.32 mask 255.255.255.224
  • B. Network 172.16.1.0 0.0.0.255
  • C. Network 172.16.1.32 255.255.255.224
  • D. Network 172.16.1.33 mask 255.255.255.224
  • E. Network 172.16.1.32 mask 0.0.0.31
  • F. Network 172.16.1.32 0.0.0.31
Reveal Solution Hide Solution   Discussion   27

Correct Answer: A 🗳️

Question #389 Topic 1

Refer to exhibit. What Administrative distance has route to 192.168.10.1?

  • A. 1
  • B. 90
  • C. 110
  • D. 120
Reveal Solution Hide Solution   Discussion   6

Correct Answer: B 🗳️

Question #390 Topic 1

Which value is used to determine the active router in an HSRP default configuration?

  • A. Router loopback address
  • B. Router IP address
  • C. Router priority
  • D. Router tracking number
Reveal Solution Hide Solution   Discussion   13

Correct Answer: B 🗳️
Q. If there is no priority configured for a standby group, what determines which router is active?
A. The priority field is used to elect the active router and the standby router for the specific group. In the case of an equal priority, the router with the highest IP address for the respective group is elected as active. Furthermore, if there are more than two routers in the group, the second highest IP address determines the standby router and the other router/routers are in the listen state.

Question #391 Topic 1

Refer to the exhibit. If RTR01 is configured as shown, which three addresses will be received by other routers that are running EIGRP on the network? (Choose three.)

  • A. 192.168.2.0
  • B. 10.4.3.0
  • C. 10.0.0.0
  • D. 172.16.0.0
  • E. 172.16.4.0
  • F. 192.168.0.0
Reveal Solution Hide Solution   Discussion   25

Correct Answer: ACD 🗳️

Question #392 Topic 1

Which configuration command can you apply to a HSRP router so that its local interface becomes active if all other routers in the group fail?

  • A. no additional config is required
  • B. standby 1 track ethernet
  • C. standby 1 preempt
  • D. standby 1 priority 250
Reveal Solution Hide Solution   Discussion   3

Correct Answer: A 🗳️
Simply because that will be the default behavior routers would follow in the event all other routers in the HSRP group fail, then it would not keep attributes such as priority or preemption. What preemption does in summary is to make sure that the configured Priority on all routers within the same HSRP group is always respected. That is, if R1 is configured on the HSRP group with a priority of 150 but he stands as active since all other routers currently subscribed to that group have a priority 150, then will router will preempt the current active router and will take over hence becoming the new active router.
With preemption disabled, the new router does not preempt the current active router, unless routers in the group have to renegotiate their roles based on each router's priority at the time of negotiation.

Question #393 Topic 1

Which two statements about eBGP neighbor relationships are true? (Choose two.)

  • A. The two devices must reside in different autonomous systems
  • B. Neighbors must be specifically declared in the configuration of each device
  • C. They can be created dynamically after the network statement is configured
  • D. The two devices must reside in the same autonomous system
  • E. The two devices must have matching timer settings
Reveal Solution Hide Solution   Discussion   12

Correct Answer: AB 🗳️

Question #394 Topic 1

Refer to the exhibit. How will the router handle a packet destined for 192.0.2.156?

  • A. The router will forward the packet via either Serial0 or Serial1.
  • B. The router will return the packet to its source.
  • C. The router will forward the packet via Serial2.
  • D. The router will drop the packet.
Reveal Solution Hide Solution   Discussion   12

Correct Answer: C 🗳️

Question #395 Topic 1

Which statements describe the routing protocol OSPF? (Choose three.)

  • A. It supports VLSM.
  • B. It is used to route between autonomous systems.
  • C. It confines network instability to one area of the network.
  • D. It increases routing overhead on the network.
  • E. It allows extensive control of routing updates.
  • F. It is simpler to configure than RIP v2.
Reveal Solution Hide Solution   Discussion   11

Correct Answer: ACE 🗳️
The OSPF protocol is based on link-state technology, which is a departure from the Bellman-Ford vector based algorithms used in traditional Internet routing protocols such as RIP. OSPF has introduced new concepts such as authentication of routing updates, Variable Length Subnet Masks (VLSM), route summarization, and so forth.
OSPF uses flooding to exchange link-state updates between routers. Any change in routing information is flooded to all routers in the network. Areas are introduced to put a boundary on the explosion of link-state updates. Flooding and calculation of the Dijkstra algorithm on a router is limited to changes within an area.

Question #396 Topic 1

Refer to the exhibit. After you apply the given configurations to R1 and R2 you notice that OSPFv3 fails to start.

  • A. The area numbers on R1 and R2 are mismatched
  • B. The IPv6 network addresses on R1 and R2 are mismatched
  • C. The autonomous system numbers on R1 and R2 are mismatched
  • D. The router ids on R1 and R2 are mismatched
Reveal Solution Hide Solution   Discussion   7

Correct Answer: A 🗳️

Question #397 Topic 1

Which command is used to display the collection of OSPF link states?

  • A. show ip ospf link-state
  • B. show ip ospf lsa database
  • C. show ip ospf neighbors
  • D. show ip ospf database
Reveal Solution Hide Solution   Discussion   3

Correct Answer: D 🗳️
The "show ip ospf database" command displays the link states. Here is an example:
Here is the lsa database on R2.

R2#show ip ospf database -
OSPF Router with ID (2.2.2.2) (Process ID 1)
Router Link States (Area 0)
Link ID ADV Router Age Seq# Checksum Link count2.2.2.2 2.2.2.2 793 0x80000003 0x004F85 210.4.4.4 10.4.4.4 776 0x80000004 0x005643 1111.111.111.111
111.111.111.111 755 0x80000005 0x0059CA 2133.133.133.133 133.133.133.133 775 0x80000005 0x00B5B1 2 Net Link States (Area 0)
Link ID ADV Router Age Seq# Checksum10.1.1.1 111.111.111.111 794 0x80000001 0x001E8B10.2.2.3 133.133.133.133 812 0x80000001 0x004BA910.4.4.1
111.111.111.111 755 0x80000001 0x007F1610.4.4.3 133.133.133.133 775 0x80000001 0x00C31F

Question #398 Topic 1

Refer to the exhibit. A network associate has configured OSPF with the command:
City(config-router)# network 192.168.12.64 0.0.0.63 area 0
After completing the configuration, the associate discovers that not all the interfaces are participating in OSPF. Which three of the interfaces shown in the exhibit will participate in OSPF according to this configuration statement? (Choose three.)

  • A. FastEthernet0 /0
  • B. FastEthernet0 /1
  • C. Serial0/0
  • D. Serial0/1.102
  • E. Serial0/1.103
  • F. Serial0/1.104
Reveal Solution Hide Solution   Discussion   18

Correct Answer: BCD 🗳️
The "network 192.168.12.64 0.0.0.63 equals to network 192.168.12.64/26. This network has:
✑ Increment: 64 (/26= 1111 1111.1111 1111.1111 1111.1100 0000) + Network address:
192.168.12.64
✑ Broadcast address: 192.168.12.127
Therefore all interface in the range of this network will join OSPF.

Question #399 Topic 1

Refer to the exhibit. C-router is to be used as a "router-on-a-stick" to route between the VLANs. All the interfaces have been properly configured and IP routing is operational. The hosts in the VLANs have been configured with the appropriate default gateway. What is true about this configuration?

  • A. These commands need to be added to the configuration: C-router(config)# router eigrp 123 C-router(config-router)# network 172.19.0.0
  • B. These commands need to be added to the configuration: C-router(config)# router ospf 1 C-router(config-router)# network 172.19.0.0 0.0.3.255 area 0
  • C. These commands need to be added to the configuration: C-router(config)# router rip C-router(config-router)# network 172.19.0.0
  • D. No further routing configuration is required.
Reveal Solution Hide Solution   Discussion   11

Correct Answer: D 🗳️
Since all the same router (C-router) is the default gateway for all three VLANs, all traffic destined to a different VLA will be sent to the C-router. The C-router will have knowledge of all three networks since they will appear as directly connected in the routing table. Since the C-router already knows how to get to all three networks, no routing protocols need to be configured.

Question #400 Topic 1

Refer to the exhibit. Which address and mask combination represents a summary of the routes learned by EIGRP?

  • A. 192.168.25.0 255.255.255.240
  • B. 192.168.25.0 255.255.255.252
  • C. 192.168.25.16 255.255.255.240
  • D. 192.168.25.16 255.255.255.252
  • E. 192.168.25.28 255.255.255.240
  • F. 192.168.25.28 255.255.255.252
Reveal Solution Hide Solution   Discussion   21

Correct Answer: C 🗳️
The binary version of 20 is 10100.
The binary version of 16 is 10000.
The binary version of 24 is 11000.
The binary version of 28 is 11100.
The subnet mask is /28. The mask is 255.255.255.240.
Note:
From the output above, EIGRP learned 4 routes and we need to find out the summary of them:
✑ 192.168.25.16
192.168.25.20

✑ 192.168.25.24
✑ 192.168.25.28
-> The increment should be 28 ?16 = 12 but 12 is not an exponentiation of 2; so we must choose 16 (24). Therefore the subnet mask is /28 (=1111 1111.1111
1111.1111 1111.11110000) = 255.255.255.240.
So the best answer should be 192.168.25.16 255.255.255.240.

Question #401 Topic 1

Refer to the exhibit. Given the output for this command, if the router ID has not been manually set, what router ID will OSPF use for this router?

  • A. 10.1.1.2
  • B. 10.154.154.1
  • C. 172.16.5.1
  • D. 192.168.5.3
Reveal Solution Hide Solution   Discussion   8

Correct Answer: C 🗳️
The highest IP address of all loopback interfaces will be chosen -> Loopback 0 will be chosen as the router ID.

Question #402 Topic 1

Refer to the exhibit. When running EIGRP, what is required for RouterA to exchange routing updates with RouterC?

  • A. AS numbers must be changed to match on all the routers
  • B. Loopback interfaces must be configured so a DR is elected
  • C. The no auto-summary command is needed on Router A and Router C
  • D. Router B needs to have two network statements, one for each connected network
Reveal Solution Hide Solution   Discussion   20

Correct Answer: A 🗳️
This question is to examine the understanding of the interaction between EIGRP routers. The following information must be matched so as to create neighborhood. EIGRP routers to establish, must match the following information:
1. AS Number;
2. K value.

Question #403 Topic 1

A network administrator is troubleshooting the OSPF configuration of routers R1 and R2. The routers cannot establish an adjacency relationship on their common
Ethernet link.

The graphic shows the output of the show ip ospf interface e0 command for routers R1 and R2. Based on the information in the graphic, what is the cause of this problem?

  • A. The OSPF area is not configured properly.
  • B. The priority on R1 should be set higher.
  • C. The cost on R1 should be set higher.
  • D. The hello and dead timers are not configured properly.
  • E. A backup designated router needs to be added to the network.
  • F. The OSPF process ID numbers must match.
Reveal Solution Hide Solution   Discussion   11

Correct Answer: D 🗳️
In OSPF, the hello and dead intervals must match and here we can see the hello interval is set to 5 on R1 and 10 on R2. The dead interval is also set to 20 on R1 but it is 40 on R2.

Question #404 Topic 1

Refer to the exhibit. Which two statements are true about the loopback address that is configured on RouterB? (Choose two.)

  • A. It ensures that data will be forwarded by RouterB.
  • B. It provides stability for the OSPF process on RouterB.
  • C. It specifies that the router ID for RouterB should be 10.0.0.1.
  • D. It decreases the metric for routes that are advertised from RouterB.
  • E. It indicates that RouterB should be elected the DR for the LAN.
Reveal Solution Hide Solution   Discussion   18

Correct Answer: BC 🗳️

Question #405 Topic 1

If all OSPF routers in a single area are configured with the same priority value, what value does a router use for the OSPF router ID in the absence of a loopback interface?

  • A. the IP address of the first Fast Ethernet interface
  • B. the IP address of the console management interface
  • C. the highest IP address among its active interfaces
  • D. the lowest IP address among its active interfaces
  • E. the priority value until a loopback interface is configured
Reveal Solution Hide Solution   Discussion   4

Correct Answer: C 🗳️

Question #406 Topic 1

The OSPF Hello protocol performs which of the following tasks? (Choose two.)

  • A. It provides dynamic neighbor discovery.
  • B. It detects unreachable neighbors in 90 second intervals.
  • C. It maintains neighbor relationships.
  • D. It negotiates correctness parameters between neighboring interfaces.
  • E. It uses timers to elect the router with the fastest links as the designated router.
  • F. It broadcasts hello packets throughout the internetwork to discover all routers that are running OSPF.
Reveal Solution Hide Solution   Discussion   6

Correct Answer: AC 🗳️

Question #407 Topic 1

What are two requirements for an HSRP group? (Choose two.)

  • A. exactly one active router
  • B. one or more standby routers
  • C. one or more backup virtual routers
  • D. exactly one standby active router
  • E. exactly one backup virtual router
Reveal Solution Hide Solution   Discussion   12

Correct Answer: AB 🗳️
Exactly one active router: Only one Active Router per HSRP group will be elected based on highest priority. In case of equal priority, Highest IP address will be elected as Active Router.
One or more standby routers: There can be one or more Standby Routers.

Question #408 Topic 1

Which two pieces of information can you learn by viewing the routing table? (Choose two.)

  • A. whether an ACL was applied inbound or outbound to an interface
  • B. the EIGRP or BGP autonomous system
  • C. whether the administrative distance was manually or dynamically configured
  • D. which neighbor adjacencies are established
  • E. the length of time that a route has been known
Reveal Solution Hide Solution   Discussion   18

Correct Answer: CE 🗳️

Question #409 Topic 1


Refer to the exhibit. Which route type does the routing protocol Code D represent in the output?

  • A. statically assigned route
  • B. route learned through EIGRP
  • C. 724 route of a locally configured IP
  • D. internal BGP route
Reveal Solution Hide Solution   Discussion   5

Correct Answer: B 🗳️

Question #410 Topic 1

An engineer must configure an OSPF neighbor relationship between router R1 and R3. The authentication configuration has been configured and the connecting interfaces are in the same 192.168.1.0/30 subnet. What are the next two steps to complete the configuration? (Choose two.)

  • A. configure the interfaces as OSPF active on both sides
  • B. configure both interfaces with the same area ID
  • C. configure the hello and dead timers to match on both sides
  • D. configure the same process ID for the router OSPF process
  • E. configure the same router ID on both routing processes
Reveal Solution Hide Solution   Discussion   48

Correct Answer: BC 🗳️

Question #411 Topic 1


Refer to the exhibit. A packet is being sent across router R1 to host 172.16.0.14. What is the destination route for the packet?

  • A. 209.165.200.250 via Serial0/0/0
  • B. 209.165.200.254 via Serial0/0/0
  • C. 209.165.200.254 via Serial0/0/1
  • D. 209.165.200.246 via Serial0/1/0
Reveal Solution Hide Solution   Discussion   21

Correct Answer: D 🗳️
The router will use the default route since there is no entry for the destination address/subnet entry in the routine table.

Question #412 Topic 1


Refer to the exhibit. A packet is being sent across router R1 to host 172.16.3.14. To which destination does the router send the packet?

  • A. 207.165.200.246 via Serial0/1/0
  • B. 207.165.200.254 via Serial0/0/0
  • C. 207.165.200.250 via Serial0/0/0
  • D. 207.165.200.254 via Serial0/0/1
Reveal Solution Hide Solution   Discussion   12

Correct Answer: D 🗳️
The longest matching route to 172.16.3.14 is the 182.16.3.0/28 route, using Serial 0/0/1 with a next hop of 207.165.200.254.

Question #413 Topic 1


Refer to the exhibit. Router R2 is configured with multiple routes to reach network 10.1.1.0/24 from router R1. Which path is chosen by router R2 to reach the destination network 10.1.1.0/24?

  • A. static
  • B. EIGRP
  • C. eBGP
  • D. OSPF
Reveal Solution Hide Solution   Discussion   15

Correct Answer: A 🗳️

Question #414 Topic 1


Refer to the exhibit. What is the next hop address for traffic that is destined to host 10.0.1.5?

  • A. Loopback 0
  • B. 10.0.1.4
  • C. 10.0.1.3
  • D. 10.0.1.50
Reveal Solution Hide Solution   Discussion   18

Correct Answer: D 🗳️

Question #415 Topic 1


Refer to the exhibit. A network administrator assumes a task to complete the connectivity between PC A and the File Server. Switch A and Switch B have been partially configured with VLANs 10, 11, 12, and 13. What is the next step in the configuration?

  • A. Add PC A to VLAN 10 and the File Server to VLAN 11 for VLAN segmentation
  • B. Add VLAN 13 to the trunk links on Switch A and Switch B for VLAN propagation
  • C. Add a router on a stick between Switch A and Switch B allowing for Inter-VLAN routing
  • D. Add PC A to the same subnet as the File Server allowing for intra-VLAN communication
Reveal Solution Hide Solution   Discussion   18

Correct Answer: B 🗳️

Question #416 Topic 1

DRAG DROP -
A network engineer is configuring an OSPFv2 neighbor adjacency. Drag and drop the parameters from the left onto their required categories on the right. Not all parameters are used.
Select and Place:

Reveal Solution Hide Solution   Discussion   2

Correct Answer:

Question #417 Topic 1

R1 has learned route 192.168.12.0/24 via IS-IS, OSPF, RIP, and Internal EIGRP. Under normal operating conditions, which routing protocol is installed in the routing table?

  • A. IS-IS
  • B. Internal EIGRP
  • C. RIP
  • D. OSPF
Reveal Solution Hide Solution   Discussion   3

Correct Answer: B 🗳️
With the same route (prefix), the router will choose the routing protocol with lowest Administrative Distance (AD) to install into the routing table. The AD of Internal
EIGRP (90) is lowest so it would be chosen. The table below lists the ADs of popular routing protocols.

Note: The AD of IS-IS is 115. The ג€EIGRPג€ in the table above is ג€Internal EIGRPג€. The AD of ג€External EIGRPג€ is 170. An EIGRP external route is a route that was redistributed into EIGRP.

Question #418 Topic 1


Refer to the exhibit. The default-information originate command is configured under the R1 OSPF configuration. After testing, workstations on VLAN 20 at Site
B cannot reach a DNS server on the Internet.
Which action corrects the configuration issue?

  • A. Add the default-information originate command on R2.
  • B. Add the always keyword to the default-information originate command on R1.
  • C. Configure the ip route 0.0.0.0 0.0.0.0 10.10.10.18 command on R1.
  • D. Configure the ip route 0.0.0.0 0.0.0.0 10.10.10.2 command on R2.
Reveal Solution Hide Solution   Discussion   17

Correct Answer: C 🗳️

Question #419 Topic 1


Refer to the exhibit. With which metric was the route to host 172.16.0.202 learned?

  • A. 0
  • B. 110
  • C. 38443
  • D. 3184439
Reveal Solution Hide Solution   Discussion   17

Correct Answer: C 🗳️
Both the line ג€O 172.16.0.128/25ג€ and ג€S 172.16.0.0/24ג€ cover the host 172.16.0.202 but with the ג€longest (prefix) matchג€ rule the router will choose the first route.

Question #420 Topic 1

A user configured OSPF in a single area between two routers. A serial interface connecting R1 and R2 is running encapsulation PPP. By default, which OSPF network type is seen on this interface when the user types show ip ospf interface on R1 or R2?

  • A. nonbroadcast
  • B. point-to-point
  • C. point-to-multipoint
  • D. broadcast
Reveal Solution Hide Solution   Discussion   5

Correct Answer: B 🗳️

Question #421 Topic 1

Which MAC address is recognized as a VRRP virtual address?

  • A. 0000.5E00.010a
  • B. 0005.3709.8968
  • C. 0000.0C07.AC99
  • D. 0007.C070.AB01
Reveal Solution Hide Solution   Discussion   5

Correct Answer: A 🗳️

Question #422 Topic 1


Refer to the exhibit. The New York router is configured with static routes pointing to the Atlanta and Washington sites.
Which two tasks must be performed so that the Se0/0/0 interfaces on the Atlanta and Washington routers reach one another? (Choose two.)

  • A. Configure the ipv6 route 2023::/126 2012::1 command on the Atlanta router.
  • B. Configure the ipv6 route 2012::/126 2023::2 command on the Washington router.
  • C. Configure the ipv6 route 2012::/126 2023::1 command on the Washington router.
  • D. Configure the ipv6 route 2023::/126 2012::2 command on the Atlanta router.
  • E. Configure the ipv6 route 2012::/126 s0/0/0 command on the Atlanta router.
Reveal Solution Hide Solution   Discussion   3

Correct Answer: BD 🗳️

Question #423 Topic 1

A router running EIGRP has learned the same route from two different paths. Which parameter does the router use to select the best path?

  • A. as-path
  • B. administrative distance
  • C. metric
  • D. cost
Reveal Solution Hide Solution   Discussion   32

Correct Answer: D 🗳️
If a router learns two different paths for the same network from the same routing protocol, it has to decide which route is better and will be placed in the routing table. Metric is the measure used to decide which route is better (lower number is better). Each routing protocol uses its own metric.
For example, RIP uses hop counts as a metric, while OSPF uses cost.
Reference:
https://study-ccna.com/administrative-distance-metric/

Question #424 Topic 1

An engineer configured an OSPF neighbor as a designated router. Which state verifies the designated router is in the proper mode?

  • A. Init
  • B. 2-way
  • C. Exchange
  • D. Full
Reveal Solution Hide Solution   Discussion   14

Correct Answer: D 🗳️

Question #425 Topic 1


Refer to the exhibit. Which route does R1 select for traffic that is destined to 192.168.16.2?

  • A. 192.168.16.0/21
  • B. 192.168.16.0/24
  • C. 192.168.16.0/26
  • D. 192.168.16.0/27
Reveal Solution Hide Solution   Discussion   5

Correct Answer: D 🗳️
The destination IP addresses match all four entries in the routing table but the 192.168.16.0/27 has the longest prefix so it will be chosen. This is called the
ג€longest prefix matchג€ rule.

Question #426 Topic 1


Refer to the exhibit. If configuring a static default route on the router with the ip route 0.0.0.0 0.0.0.0 10.13.0.1 120 command, how does the router respond?

  • A. It starts sending traffic without a specific matching entry in the routing table to GigabitEthernet0/1.
  • B. It immediately replaces the existing OSPF route in the routing table with the newly configured static route.
  • C. It starts load-balancing traffic between the two default routes.
  • D. It ignores the new static route until the existing OSPF default route is removed.
Reveal Solution Hide Solution   Discussion   11

Correct Answer: D 🗳️
Our new static default route has the Administrative Distance (AD) of 120, which is bigger than the AD of OSPF External route (O*E2) so it will not be pushed into the routing table until the current OSPF External route is removed.
For your information, if you don't type the AD of 120 (using the command ג€ip route 0.0.0.0 0.0.0.0 10.13.0.1ג€) then the new static default route would replace the
OSPF default route as the default AD of static route is 1. You will see such line in the routing table:
S* 0.0.0.0/0 [1/0] via 10.13.0.1

Question #427 Topic 1

Refer to the graphic. R1 is unable to establish an OSPF neighbor relationship with R3. What are possible reasons for this problem? (Choose two.)

  • A. All of the routers need to be configured for backbone Area 1.
  • B. R1 and R2 are the DR and BDR, so OSPF will not establish neighbor adjacency with R3.
  • C. A static route has been configured from R1 to R3 and prevents the neighbor adjacency from being established.
  • D. The hello and dead interval timers are not set to the same values on R1 and R3.
  • E. EIGRP is also configured on these routers with a lower administrative distance.
  • F. R1 and R3 are configured in different areas.
Reveal Solution Hide Solution   Discussion   17

Correct Answer: DF 🗳️
This question is to examine the conditions for OSPF to create neighborhood. So as to make the two routers become neighbors, each router must be matched with the following items:
1. The area ID and its types
2. Hello and failure time interval timer
3. OSPF Password (Optional)

Question #428 Topic 1


Refer to the exhibit. Which command configures a floating static route to provide a backup to the primary link?

  • A. ip route 209.165.200.224 255.255.255.224 209.165.202.129 254
  • B. ip route 209.165.201.0 255.255.255.224 209.165.202.130
  • C. ip route 0.0.0.0 0.0.0.0 209.165.200.224
  • D. ip route 0.0.0.0 0.0.0.0 209.165.202.131
Reveal Solution Hide Solution   Discussion   16

Correct Answer: A 🗳️

Question #429 Topic 1


Refer to the exhibit. An engineer configured the New York router with static routes that point to the Atlanta and Washington sites. Which command must be configured on the Atlanta and Washington routers so that both sites are able to reach the loopback2 interface on the New York router?

  • A. ipv6 route::/0 Serial 0/0/0
  • B. ipv6 route::/0 Serial 0/0/1
  • C. ipv6 route:0/0 Serial 0/0/0
  • D. ip route 0.0.0.0 0.0.0.0 Serial 0/0/0
  • E. ipv6 route::/0 2000::2
Reveal Solution Hide Solution   Discussion   22

Correct Answer: A 🗳️
Reference:
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_pi/configuration/xe-3s/iri-xe-3s-book/ip6-route-static-xe.html#GUID-85796C3A-3143-4DF7-B9D0-
8EC87D0DB08B

Question #430 Topic 1

What is the effect when loopback interfaces and the configured router ID are absent during the OSPF Process configuration?

  • A. The lowest IP address is incremented by 1 and selected as the router ID.
  • B. The router ID 0.0.0.0 is selected and placed in the OSPF process.
  • C. No router ID is set, and the OSPF protocol does not run.
  • D. The highest up/up physical interface IP address is selected as the router ID.
Reveal Solution Hide Solution   Discussion   2

Correct Answer: D 🗳️

Question #431 Topic 1


Refer to the exhibit. What is the metric of the route to the 192.168.10.33/28 subnet?

  • A. 84
  • B. 110
  • C. 128
  • D. 192
  • E. 193
Reveal Solution Hide Solution   Discussion   15

Correct Answer: E 🗳️

Question #432 Topic 1


Refer to the exhibit. Traffic sourced from the loopback0 interface is trying to connect via ssh to the host at 10.0.1.15. What is the next hop to the destination address?

  • A. 192.168.0.7
  • B. 192.168.0.4
  • C. 192.168.0.40
  • D. 192.168.3.5
Reveal Solution Hide Solution   Discussion   78

Correct Answer: A 🗳️
The router will choose the route will the longest matching prefix, in this case that is 10.0.1.0.28.

Question #433 Topic 1

When the active router in a VRRP group fails, which router assumes the role and forwards packets?

  • A. forwarding
  • B. standby
  • C. backup
  • D. listening
Reveal Solution Hide Solution   Discussion   39

Correct Answer: C 🗳️

Question #434 Topic 1

Which action does the router take as it forwards a packet through the network?

  • A. The router encapsulates the original packet and then includes a tag that identifies the source router MAC address and transmits it transparently to the destination.
  • B. The router encapsulates the source and destination IP addresses with the sending router IP address as the source and the neighbor IP address as the destination.
  • C. The router replaces the original source and destination MAC addresses with the sending router MAC address as the source and neighbor MAC address as the destination.
  • D. The router replaces the source and destination labels with the sending router interface label as a source and the next hop router label as a destination.
Reveal Solution Hide Solution   Discussion   3

Correct Answer: C 🗳️
Reference:
https://www.freeccnastudyguide.com/study-guides/ccna/ch4/ip-routing/

Question #435 Topic 1


Refer to the exhibit. Which two prefixes are included in this routing table entry? (Choose two.)

  • A. 192.168.1.17
  • B. 192.168.1.61
  • C. 192.168.1.64
  • D. 192.168.1.127
  • E. 192.168.1.254
Reveal Solution Hide Solution   Discussion   8

Correct Answer: AB 🗳️

Question #436 Topic 1

Which virtual MAC address is used by VRRP group 1?

  • A. 0504.0367.4921
  • B. 0007.c061.bc01
  • C. 0050.0c05.ad81
  • D. 0000.5E00.0101
Reveal Solution Hide Solution   Discussion   2

Correct Answer: D 🗳️

Question #437 Topic 1

What is the purpose of using First Hop Redundancy Protocol on a specific subnet?

  • A. forwards multicast hello messages between routers
  • B. sends the default route to the hosts on a network
  • C. ensures a loop-free physical topology
  • D. filters traffic based on destination IP addressing
Reveal Solution Hide Solution   Discussion   25

Correct Answer: B 🗳️
The routers in the FHRP group share a virtual MAC and Virtual IP and that acts as the Default Gateway for the HOSTS. It provides redundancy is case a router fails, no need to change the default gateway information.

Question #438 Topic 1

Refer to the exhibit. Which configuration issue is preventing the OSPF neighbor relationship from being established between the two routers?

  • A. R1 has an incorrect network command for interface Gi1/0.
  • B. R2 should have its network command in area 1.
  • C. R1 interface Gi1/0 has a larger MTU size.
  • D. R2 is using the passive-interface default command.
Reveal Solution Hide Solution   Discussion   8

Correct Answer: C 🗳️

Question #439 Topic 1


Refer to the exhibit. When router R1 is sending traffic to IP address 10.56.192.1, which interface or next hop address does it use to route the packet?

  • A. 10.56.0.1
  • B. 0.0.0.0/0
  • C. Vlan57
  • D. 10.56.128.19
Reveal Solution Hide Solution   Discussion   8

Correct Answer: A 🗳️

Question #440 Topic 1


Refer to the exhibit. Load-balanced traffic is coming in from the WAN destined to a host at 172.16.1.190. Which next-hop is used by the router to forward the request?

  • A. 192.168.7.4
  • B. 192.168.7.7
  • C. 192.168.7.35
  • D. 192.168.7.40
Reveal Solution Hide Solution   Discussion   3

Correct Answer: C 🗳️

Question #441 Topic 1

What is a benefit of VRRP?

  • A. It provides the default gateway redundancy on a LAN using two or more routers.
  • B. It provides traffic load balancing to destinations that are more than two hops from the source.
  • C. It prevents loops in a Layer 2 LAN by forwarding all traffic to a root bridge, which then makes the final forwarding decision.
  • D. It allows neighbors to share routing table information between each other.
Reveal Solution Hide Solution   Discussion   1

Correct Answer: A 🗳️
Reference:
https://www.cisco.com/c/en/us/td/docs/routers/crs/software/crs_r4-0/addr_serv/configuration/guide/ic40crs1book_chapter10.html

Question #442 Topic 1


Refer to the exhibit. Routers R1 and R3 have the default configuration. The router R2 priority is set to 99. Which commands on R3 configure it as the DR in the
10.0.4.0/24 network?

  • A. R3(config)#interface Gig0/0 R3(config-if)#ip ospf priority 100
  • B. R3(config)#interface Gig0/0 R3(config-if)#ip ospf priority 1
  • C. R3(config)#interface Gig0/1 R3(config-if)#ip ospf priority 0
  • D. R3(config)#interface Gig0/1 R3(config-if)#ip ospf priority 100
Reveal Solution Hide Solution   Discussion   8

Correct Answer: D 🗳️
In the case of OSPF, 0 means you will never be elected as DR or BDR. Default priority is 1. Highest priority will be elected as the DR.

Question #443 Topic 1


Refer to the exhibit. A network engineer must configure R1 so that it sends all packets destined to the 10.0.0.0/24 network to R3, and all packets destined to PC1 to R2. Which configuration must the engineer implement?

  • A. R1(config)#ip route 10.0.0.0 255.255.255.0 172.16.0.2 R1(config)#ip route 10.0.0.5 255.255.255.255 192.168.0.2
  • B. R1(config)#ip route 10.0.0.0 255.255.0.0 172.16.0.2 R1(config)#ip route 10.0.0.5 255.255.255.255 192.168.0.2
  • C. R1(config)#ip route 10.0.0.0 255.255.255.0 192.168.0.2 R1(config)#ip route 10.0.0.5 255.255.255.255 172.16.0.2
  • D. R1(config)#ip route 10.0.0.0 255.255.0.0 192.168.0.2 R1(config)#ip route 10.0.0.5 255.255.255.0 172.16.0.2
Reveal Solution Hide Solution   Discussion   5

Correct Answer: C 🗳️

Question #444 Topic 1


Refer to the exhibit. All traffic enters the CPE router from interface Serial0/3 with an IP address of 192.168.50.1. Web traffic from the WAN is destined for a LAN network where servers are load-balanced. An IP packet with a destination address of the HTTP virtual IP of 192.168.1.250 must be forwarded. Which routing table entry does the router use?

  • A. 192.168.1.0/24 via 192.168.12.2
  • B. 192.168.1.128/25 via 192.168.13.3
  • C. 192.168.1.192/26 via 192.168.14.4
  • D. 192.168.1.224/27 via 192.168.15.5
Reveal Solution Hide Solution   Discussion   17

Correct Answer: D 🗳️

Question #445 Topic 1


Refer to the exhibit. An engineer assumes a configuration task from a peer. Router A must establish an OSPF neighbor relationship with neighbor 172.1.1.1. The output displays the status of the adjacency after 2 hours. What is the next step in the configuration process for the routers to establish an adjacency?

  • A. Configure router A to use the same MTU size as router B.
  • B. Configure a point-to-point link between router A and router B.
  • C. Set the router B OSPF ID to the same value as its IP address.
  • D. Set the router B OSPF ID to a nonhost address.
Reveal Solution Hide Solution   Discussion   3

Correct Answer: A 🗳️
Reference:
https://www.cisco.com/c/en/us/support/docs/ip/open-shortest-path-first-ospf/13684-12.html#neighbors

Question #446 Topic 1


Refer to the exhibit. Which two configurations must the engineer apply on this network so that R1 becomes the DR? (Choose two.)

  • A. R3(config)#interface fastethernet 0/0 R3(config-if)#ip ospf priority 0
  • B. R1(config)#router ospf 1 R1(config-router)#router-id 192.168.100.1
  • C. R1(config)#interface fastethernet 0/0 R1(config-if)#ip ospf priority 200
  • D. R1(config)#interface fastethernet 0/0 R1(config-if)#ip ospf priority 0
  • E. R3(config)#interface fastethernet 0/0 R3(config-if)#ip ospf priority 200
Reveal Solution Hide Solution   Discussion   8

Correct Answer: AC 🗳️

Question #447 Topic 1


Refer to the exhibit. Which command configures OSPF on the point-to-point link between routers R1 and R2?

  • A. router-id 10.0.0.15
  • B. neighbor 10.1.2.0 cost 180
  • C. network 10.0.0.0 0.0.0.255 area 0
  • D. ip ospf priority 100
Reveal Solution Hide Solution   Discussion   9

Correct Answer: C 🗳️

Question #448 Topic 1


Refer to the exhibit. A network engineer is in the process of establishing IP connectivity between two sites. Routers R1 and R2 are partially configured with IP addressing. Both routers have the ability to access devices on their respective LANs. Which command set configures the IP connectivity between devices located on both LANs in each site?

  • A. R1 ip route 192.168.1.1 255.255.255.0 GigabitEthernet0/1 R2 ip route 10.1.1.1 255.255.255.0 GigabitEthernet0/1
  • B. R1 ip route 192.168.1.0 255.255.255.0 GigabitEthernet0/0 R2 ip route 10.1.1.1 255.255.255.0 GigabitEthernet0/0
  • C. R1 ip route 0.0.0.0 0.0.0.0 209.165.200.225 R2 ip route 0.0.0.0 0.0.0.0 209.165.200.226
  • D. R1 ip route 0.0.0.0 0.0.0.0 209.165.200.226 R2 ip route 0.0.0.0 0.0.0.0 209.165.200.225
Reveal Solution Hide Solution   Discussion   8

Correct Answer: D 🗳️

Question #449 Topic 1


Refer to the exhibit. Which next-hop IP address does Router1 use for packets destined to host 10.10.13.158?

  • A. 10.10.10.9
  • B. 10.10.10.5
  • C. 10.10.11.2
  • D. 10.10.12.2
Reveal Solution Hide Solution   Discussion   15

Correct Answer: A 🗳️

Question #450 Topic 1


Refer to the exhibit. Packets received by the router from BGP enter via a serial interface at 209.165.201.1. Each route is present within the routing table. Which interface is used to forward traffic with a destination IP of 10.1.1.19?

  • A. F0/0
  • B. F0/1
  • C. F0/4
  • D. F0/3
Reveal Solution Hide Solution   Discussion   5

Correct Answer: A 🗳️

Question #451 Topic 1


Refer to the exhibit. Which route must be configured on R1 so that OSPF routing is used when OSPF is up, but the server is still reachable when OSPF goes down?

  • A. ip route 10.1.1.10 255.255.255.255 gi0/0 125
  • B. ip route 10.1.1.0 255.255.255.0 172.16.2.2 100
  • C. ip route 10.1.1.0 255.255.255.0 gi0/1 125
  • D. ip route 10.1.1.10 255.255.255.255 172.16.2.2 100
Reveal Solution Hide Solution   Discussion   14

Correct Answer: A 🗳️
This is an example of a floating static route when the Administrative Distance must be greater than the primary route. Currently the OSPF AD for the route is 110, so if that route was to go away then this route with an AD of 125 would be used.

Question #452 Topic 1


Refer to the exhibit. What is the next hop for traffic entering R1 with a destination of 10.1.2.126?

  • A. 10.165.20.126
  • B. 10.165.20.146
  • C. 10.165.20.166
  • D. 10.165.20.226
Reveal Solution Hide Solution   Discussion   14

Correct Answer: A 🗳️

Question #453 Topic 1


Refer to the exhibit. Which prefix did router R1 learn from internal EIGRP?

  • A. 192.168.3.0/24
  • B. 192.168.1.0/24
  • C. 172.16.1.0/24
  • D. 192.168.2.0/24
Reveal Solution Hide Solution   Discussion   6

Correct Answer: D 🗳️

Question #454 Topic 1


Refer to the exhibit. R5 is the current DR on the network, and R4 is the BDR. Their interfaces are flapping, so a network engineer wants the OSPF network to elect a different DR and BDR. Which set of configurations must the engineer implement?

  • A. R4(config)#interface gi0/0 R4(config-if)#ip ospf priority 20 R5(config)#interface gi0/0 R5(config-if)#ip ospf priority 10
  • B. R5(config)#interface gi0/0 R5(config-if)#ip ospf priority 120 R4(config)#interface gi0/0 R4(config-if)#ip ospf priority 110
  • C. R3(config)#interface gi0/0 R3(config-if)#ip ospf priority 255 R2(config)#interface gi0/0 R2(config-if)#ip ospf priority 240
  • D. R2(config)#interface gi0/0 R2(config-if)#ip ospf priority 259 R3(config)#interface gi0/0 R3(config-if)#ip ospf priority 256
Reveal Solution Hide Solution   Discussion   8

Correct Answer: C 🗳️

Question #455 Topic 1


Refer to the exhibit. Web traffic is coming in from the WAN interface. Which route takes precedence when the router is processing traffic destined for the LAN network at 10.0.10.0/24?

  • A. via next-hop 10.0.1.5
  • B. via next-hop 10.0.1.4
  • C. via next-hop 10.0.1.50
  • D. via next-hop 10.0.1.100
Reveal Solution Hide Solution   Discussion   12

Correct Answer: A 🗳️

Question #456 Topic 1


Refer to the exhibit. A packet sourced from 10.10.10.1 is destined for 10.10.8.14. What is the subnet mask of the destination route?

  • A. 255.255.254.0
  • B. 255.255.255.240
  • C. 255.255.255.248
  • D. 255.255.255.252
Reveal Solution Hide Solution   Discussion   6

Correct Answer: B 🗳️

Question #457 Topic 1


Refer to the exhibit. An engineer must configure router R2 so it is elected as the DR on the WAN subnet. Which command sequence must be configured?

  • A. interface gigabitethernet0/0 ip address 10.0.0.34 255.255.255.248 ip ospf priority 0
  • B. interface gigabitethernet0/0 ip address 10.0.0.34 255.255.255.224 ip ospf priority 100
  • C. interface gigabitethernet0/0 ip address 10.0.1.1 255.255.255.0 ip ospf priority 255
  • D. interface gigabitethernet0/0 ip address 10.0.1.1 255.255.255.224 ip ospf priority 98
Reveal Solution Hide Solution   Discussion   5

Correct Answer: B 🗳️

Question #458 Topic 1

An engineer is configuring router R1 with an IPv6 static route for prefix 2019:C15C:0CAF:E001::/64. The next hop must be 2019:C15C:0CAF:E002::1. The route must be reachable via the R1 Gigabit 0/0 interface. Which command configures the designated route?

  • A. R1(config-if)#ip route 2019:C15C:0CAF:E001::/64 GigabitEthernet 0/0
  • B. R1(config)#ip route 2019:C15C:0CAF:E001::/64 GigabitEthernet 0/0
  • C. R1(config-if)#ipv6 route 2019:C15C:0CAF:E001::/64 2019:C15C:0CAF:E002::1
  • D. R1(config)#ipv6 route 2019:C15C:0CAF:E001::/64 2019:C15C:0CAF:E002::1
Reveal Solution Hide Solution   Discussion   15

Correct Answer: D 🗳️

Question #459 Topic 1


Refer to the exhibit. Which IPv6 configuration is required for R17 to successfully ping the WAN interface on R18?

  • A. R17# ! no ip domain lookup ip cef ipv6 cef ! interface FastEthernet0/0 no ip address duplex auto speed auto ipv6 address 2001:DB8:2::201/64 ! Interface FastEthernet1/0 no ip address duplex auto speed auto ipv6 address 2001:DB8:3::201/64 ! no cdp log mismatch duplex ipv6 route 2001:DB8:4::/64 2001:DB8:4::302
  • B. R17# ! no ip domain lookup ip cef ipv6 unicast-routing ! interface FastEthernet0/0 no ip address duplex auto speed auto ipv6 address 2001:DB8:2::201/64 ! Interface FastEthernet1/0 no ip address duplex auto speed auto ipv6 address 2001:DB8:3::201/64 ! no cdp log mismatch duplex ipv6 route 2001:DB8:4::/64 2001:DB8:3::301
  • C. R17# ! no ip domain lookup ip cef ! interface FastEthernet0/0 no ip address duplex auto speed auto ipv6 address 2001:DB8:3::201/64 ! Interface FastEthernet1/0 no ip address duplex auto speed auto ipv6 address 2001:DB8:2::201/64 ! no cdp log mismatch duplex ipv6 route 2001:DB8:4::/64 2001:DB8:5::101
  • D. R17# ! no ip domain lookup ip cef ipv6 unicast-routing ! interface FastEthernet0/0 no ip address duplex auto speed auto ipv6 address 2001:DB8:2::201/64 ! Interface FastEthernet1/0 no ip address duplex auto speed auto ipv6 address 2001:DB8:3::201/64 ! no cdp log mismatch duplex ipv6 route 2001:DB8:4::/64 2001:DB8:2::201
Reveal Solution Hide Solution   Discussion   9

Correct Answer: B 🗳️

Question #460 Topic 1


Refer to the exhibit. A company is configuring a failover plan and must implement the default routes in such a way that a floating static route will assume traffic forwarding when the primary link goes down. Which primary route configuration must be used?

  • A. ip route 0.0.0.0 0.0.0.0 192.168.0.2
  • B. ip route 0.0.0.0 0.0.0.0 192.168.0.2 GigabitEthernet1/0
  • C. ip route 0.0.0.0 0.0.0.0 192.168.0.2 floating
  • D. ip route 0.0.0.0 0.0.0.0 192.168.0.2 tracked
Reveal Solution Hide Solution   Discussion   9

Correct Answer: A 🗳️
The primary route should use the default administrative distance, since the AD for static routes is 1.

Question #461 Topic 1

OSPF must be configured between routers R1 and R2. Which OSPF configuration must be applied to router R1 to avoid a DR'BDR election?

  • A. router ospf 1 network 192.168.1.1 0.0.0.0 area 0 interface e1/1 ip address 192.168.1.1 255.255.255.252 ip ospf cost 0
  • B. router ospf 1 network 192.168.1.1 0.0.0.0 area 0 hello interval 15 interface e1/1 ip address 192.168.1.1 255.255.255.252
  • C. router ospf 1 network 192.168.1.1 0.0.0.0 area 0 interface e1/1 ip address 192.168.1.1 255.255.255.252 ip ospf network broadcast
  • D. router ospf 1 network 192.168.1.1 0.0.0.0 area 0 interface e1/1 ip address 192.168.1.1 255.255.255.252 ip ospf network point-to-point
Reveal Solution Hide Solution   Discussion   6

Correct Answer: D 🗳️

Question #462 Topic 1


Refer to the exhibit. An engineer is updating the R1 configuration to connect a new server to the management network. The PCs on the management network must be blocked from pinging the default gateway of the new server. Which command must be configured on R1 to complete the task?

  • A. R1(config)#ip route 172.16.2.0.255.255.255.0 192.168.1.15
  • B. R1(config)#ip route 172.16.2.2 255.255.255.248 gi0/1
  • C. R1(config)#ip route 172.16.2.2 255.255.255.255 gi0/0
  • D. R1(config)#ip route 172.16.2.0 255.255.255.0 192.168.1.5
Reveal Solution Hide Solution   Discussion   5

Correct Answer: C 🗳️
By specifying the outgoing interface and not the next hop IP address, the Management devices will be able to ping the new server, but not the default gateway of the server.

Question #463 Topic 1


Refer to the exhibit. Router R1 currently is configured to use R3 as the primary route to the internet, and the route uses the default administrative distance settings. A network engineer must configure R1 so that it uses R2 as a backup, but only if R3 goes down. Which command must the engineer configure on R1 so that it correctly uses R2 as a backup route, without changing the administrative distance configuration on the link to R3?

  • A. ip route 0.0.0.0 0.0.0.0 209.165.201.5.10
  • B. ip route 0.0.0.0 0.0.0.0 g0/1 1
  • C. ip route 0.0.0.0 0.0.0.0 209.165.200.226 1
  • D. ip route 0.0.0.0 0.0.0.0 g0/1 6
Reveal Solution Hide Solution   Discussion   4

Correct Answer: D 🗳️

Question #464 Topic 1


Refer to the exhibit. Which action must be taken to ensure that router A is elected as the DR for OSPF area 0?

  • A. Configure the router A interfaces with the highest OSPF priority value within the area
  • B. Configure router B and router C as OSPF neighbors of router A
  • C. Configure the OSPF priority on router A with the lowest value between the three routers.
  • D. Configure router A with a fixed OSPF router ID
Reveal Solution Hide Solution   Discussion   3

Correct Answer: A 🗳️

Question #465 Topic 1


Refer to the exhibit. Packets received by the router from BGP enter via a serial interface at 209.165.201.10. Each route is present within the routing table. Which interface is used to forward traffic with a destination IP of 10.10 10 24?

  • A. F0/10
  • B. F0/11
  • C. F0/12
  • D. F0/1
Reveal Solution Hide Solution   Discussion   9

Correct Answer: B 🗳️

Question #466 Topic 1


Refer to the exhibit. If OSPF is running on this network, how does Router2 handle traffic from Site B to 10.10.13.128/25 at Site A?

  • A. It sends packets out of interface Fa0/1.
  • B. It sends packets out of interface Fa0/2.
  • C. It load-balances traffic out of Fa0/1 and Fa0/2.
  • D. It is unreachable and discards the traffic.
Reveal Solution Hide Solution   Discussion   4

Correct Answer: D 🗳️

Question #467 Topic 1


Refer to the exhibit. Router R1 resides in OSPF Area 0. After updating the R1 configuration to influence the paths that it will use to direct traffic, an engineer verified that each of the four Gigabit interfaces has the same route to 10 10.0.0/16.
Which interface will R1 choose to send traffic to reach the route?

  • A. GigabitEthernet0/0
  • B. GigabitEthernet0/1
  • C. GigabitEthernet0/2
  • D. GigabitEthernet0/3
Reveal Solution Hide Solution   Discussion   8

Correct Answer: B 🗳️

Question #468 Topic 1


Refer to the exhibit. Which network prefix was learned via EIGRP?

  • A. 172.160.0/16
  • B. 207.165.200.0/24
  • C. 192.168.1.0/24
  • D. 192.168.2.0/24
Reveal Solution Hide Solution   Discussion   4

Correct Answer: D 🗳️

Question #469 Topic 1


Refer to the exhibit. Which command must be issued to enable a floating static default route on router A?

  • A. ip route 0.0.0.0 0.0.0.0 192.168.1.2 10
  • B. ip route 0.0.0.0 0.0.0.0 192.168.1.2
  • C. ip default-gateway 192.168.2.1
  • D. ip route 0.0.0.0 0.0.0.0 192.168.2.1 10
Reveal Solution Hide Solution   Discussion   3

Correct Answer: A 🗳️

Question #470 Topic 1


Refer to the exhibit. Which configuration allows routers R14 and R86 to form an OSPFv2 adjacency while acting as a central point for exchanging OSPF information between routers?

  • A. R14# interface FastEthernet0/0 ip address 10.73.65.65 255.255.255.252 ip ospf network broadcast ip ospf priority 0 ip mtu 1400 router ospf 10 router-id 10.10.1.14 network 10.10.1.14 0.0.0.0 area0 network 10.73.65.64 0.0.0.3 area0 R86# interface Loopback0 ip address 10.10.1.86 255.255.255.255 interface FastEthernet0/0 ip address 10.73.65.66 255.255.255.252 ip ospf network broadcast ip mtu 1500 router ospf 10 router-id 10.10.1.86 network 10.10.1.86 0.0.0.0 area 0 network 10.73.65.64 0.0.0.3 area 0
  • B. R14# interface Loopback0 ip ospf 10 area 0 interface FastEthernet0/0 ip address 10.73.65.65 255.255.255.252 ip ospf network broadcast ip ospf 10 area 0 ip mtu 1500 router ospf 10 ip ospf priority 255 router-id 10.10.1 14 R86# interface Loopback0 ip ospf 10 area 0 interface FastEthernet0/0 ip address 10.73.65.66 255.255.255.252 ip ospf network broadcast ip ospf 10 area 0 ip mtu 1500 router ospf 10 router-id 10.10.1.86
  • C. R14# interface FastEthernet0/0 ip address 10.73.65.65 255.255.255.252 ip ospf network broadcast ip ospf priority 255 ip mtu 1500 router ospf 10 router-id 10.10.1.14 network 10.10.1.14 0.0.0.0 area0 network 10.73.65.64 0.0.0.3 area0 R86# interface FastEthernet0/0 ip address 10.73.65.66 255.255.255.252 ip ospf network broadcast ip mtu 1500 router ospf 10 router-id 10.10.1.86 network 10.10.1.86 0.0.0.0 area 0 network 10.73.65.64 0.0.0.3 area 0
  • D. R14# interface FastEthernet0/0 ip address 10.73.65.65 255.255.255.252 ip ospf network broadcast ip ospf priority 255 ip mtu 1500 router ospf 10 router-id 10.10.1.14 network 10.10.1.14 0.0.0.0 area0 network 10.73.65.64 0.0.0.3 area0 R86# interface FastEthernet0/0 ip address 10.73.65.66 255.255.255.252 ip ospf network broadcast ip mtu 1400 router ospf 10 router-id 10.10.1.86 network 10.10.1.86 0.0.0.0 area 0 network 10.73.65.64 0.0.0.3 area 0
Reveal Solution Hide Solution   Discussion   20

Correct Answer: C 🗳️

Question #471 Topic 1


Refer to the exhibit. When an administrator executes the show ip route command on router D to view its routing table, which value is displayed for the administrative distance for the route to network 192.168 1.0?

  • A. 110
  • B. 120
  • C. 170
  • D. 90
Reveal Solution Hide Solution   Discussion   16

Correct Answer: A 🗳️

Question #472 Topic 1


Refer to the exhibit Routers R1 and R2 have been configured with their respective LAN interfaces. The two circuits are operational and reachable across WAN.
Which command set establishes failover redundancy if the primary circuit goes down?

  • A. R1(config)#ip route 0.0.0.0 0.0.0.0 10.10.10.6 R2(config)#ip route 0.0.0.0 0.0.0.0 10.10.10.5
  • B. R1(config)#ip route 10.10.13.10 255.255.255.255 10.10.10.2 R2(config)#ip route 192.168.0.100 255.255.255.255 10.10.10.1
  • C. R1(config)#ip route 10.10.13.10 255.255.255.255 10.10.10.6 R2(config)#ip route 192.168.0.100 255.255.255.255 10.10.10.5
  • D. R1(config)#ip route 0.0.0.0 0.0.0.0 10.10.10.6 2 R2(config)#ip route 0.0.0.0 0.0.0.0 10.10.10.5 2
Reveal Solution Hide Solution   Discussion   3

Correct Answer: D 🗳️

Question #473 Topic 1


Refer to the exhibit. R1 learns all routes via OSPF. Which command configures a backup static route on R1 to reach the 192.168.20 0/24 network via R3?

  • A. R1(config)#ip route 192.168.20.0 255.255.255.0 192.168.30.2 111
  • B. R1(config)#ip route 192.168.20.0 255.255.255.0 192.168.30.2 90
  • C. R1(config)#ip route 192.168.20.0 255.255.0.0 192.168.30.2
  • D. R1(config)#ip route 192.168.20.0 255.255.255.0 192.168.30.2
Reveal Solution Hide Solution   Discussion   6

Correct Answer: A 🗳️

Question #474 Topic 1


Refer to the exhibit. R1 has taken the DROTHER role in the OSPF DR/BDR election process. Which configuration must an engineer implement so that R1 is elected as the DR?

  • A. R1(config)#interface FastEthernet 0/0 R1(config-if)#ip ospf priority 1 R1#clear ip ospf process
  • B. R3(config)#interface FastEthernet 0/1 R3(config-if)#ip ospf priority 200 R3#clear ip ospf process
  • C. R2(config)#interface FastEthernet 0/2 R2(config-if)#ip ospf priority 1 R2#clear ip ospf process
  • D. R1(config)#interface FastEthernet 0/0 R1(config-if)#ip ospf priority 200 R1#clear ip ospf process
Reveal Solution Hide Solution   Discussion   4

Correct Answer: D 🗳️

Question #475 Topic 1

Which SDN plane forwards user-generated traffic?

  • A. Management plane
  • B. Control plane
  • C. Policy plane
  • D. Data plane
Reveal Solution Hide Solution   Discussion   1

Correct Answer: D 🗳️

Question #476 Topic 1

An application in the network is being scaled up from 300 servers to 600. Each server requires 3 network connections to support production, backup, and management traffic. Each connection resides on a different subnet. The router configuration for the production network must be configured first using a subnet in the 10.0.0.0/8 network. Which command must be configured on the interface of the router to accommodate the requirements and limit wasted IP address space?

  • A. ip address 10.10.10.1 255.255.254.0
  • B. ip address 10.10.10.1 255.255.252.0
  • C. ip address 10.10.10.1 255.255.240.0
  • D. ip address 10.10.10.1 255.255.255.240
Reveal Solution Hide Solution   Discussion   40

Correct Answer: A 🗳️

Question #477 Topic 1


Refer to the exhibit. Which interface is chosen to forward traffic to the host at 192.168.0.55?

  • A. GigabitEthernet0/3
  • B. Null0
  • C. GigabitEthernet0/1
  • D. GigabitEthernet0/2
Reveal Solution Hide Solution   Discussion   7

Correct Answer: C 🗳️

Question #478 Topic 1


Refer to the exhibit. The administrator must configure a floating static default route that points to 2001:db8:1234:2::1 and replaces the current default route only if it fails. Which command must the engineer configure on the CPE?

  • A. ipv6 route ::/0 2001:db8:1234:2::1 3
  • B. ipv6 route ::/128 2001:db8:1234:2::1 3
  • C. ipv6 route ::/0 2001:db8:1234:2::1 1
  • D. ipv6 route ::/0 2001:db8:1234:2::1 2
Reveal Solution Hide Solution   Discussion   10

Correct Answer: A 🗳️

Question #479 Topic 1


Refer to the exhibit. Router OldR is replacing another router on the network with the intention of having OldR and R2 exchange routes. After the engineer applied the initial OSPF configuration, the routes were still missing on both devices. Which command sequence must be issued before the clear IP ospf process command is entered to enable the neighbor relationship?

  • A. OldR(config)#interface g0/0/0 OldR(config-if)#ip ospf hello-interval 15
  • B. OldR(config)#router ospf 1 OldR(config-router)#network 192.168.1.0 255.255.255.0 area 2
  • C. OldR(config)#interface g0/0/0 OldR(config-if)#ip ospf dead-interval 15
  • D. OldR(config)#router ospf 1 OldR(config-router)#no router-id 192.168.1.1
Reveal Solution Hide Solution   Discussion   2

Correct Answer: D 🗳️
With OSPF each router must have a unique router ID. Here we see that both routers have a router ID of 192.168.1.1. Removing the router-id command on the
OldR will force it to use one of its actual interface IP addresses as the router ID.

Question #480 Topic 1

DRAG DROP -

Refer to the exhibit. Drag and drop the prefix lengths from the left onto the corresponding prefixes on the right. Not all prefixes are used.
Select and Place:

Reveal Solution Hide Solution   Discussion   12

Correct Answer:

Question #481 Topic 1


Refer to the exhibit. What is the subnet mask for route 172.16.4.0?

  • A. 255.255.255.192
  • B. 255.255.254.0
  • C. 255.255.248.0
  • D. 255.255.240.0
Reveal Solution Hide Solution   Discussion   3

Correct Answer: C 🗳️

Question #482 Topic 1


Refer to the exhibit. A static route must be configured on R14 to forward traffic for the 172.21.34.0/25 network that resides on R86. Which command must be used to fulfill the request?

  • A. ip route 172.21.34.0 255.255.255.192 10.73.65.65
  • B. ip route 172.21.34.0 255.255.255.128 10.73.65.66
  • C. ip route 172.21.34.0 255.255.255.0 10.73.65.65
  • D. ip route 172.21.34.0 255.255.128.0 10.73.65.64
Reveal Solution Hide Solution   Discussion   1

Correct Answer: B 🗳️

Question #483 Topic 1


Refer to the exhibit. The network engineer is configuring router R2 as a replacement router on the network. After the initial configuration is applied, it is determined that R2 failed to show R1 as a neighbor. Which configuration must be applied to R2 to complete the OSPF configuration and enable it to establish the neighbor relationship with R1?

  • A. R2(config)#router ospf 1 R2(config-router)#network 192.168.1.0 255.255.255.0 area 2
  • B. R2(config)#interface g0/0/0 R2(config-if)#ip ospf hello-interval 10
  • C. R2(config)#interface g0/0/0 R2(config-if)#ip ospf dead-interval 40
  • D. R2(config)#router ospf 1 R2(config-router)#router-id 192.168.1.2
Reveal Solution Hide Solution   Discussion   4

Correct Answer: C 🗳️
For OSPF the hello and dead timers must match to become neighbors. R1 is configured with a dead time of 40 seconds, while R2 is set to 45 seconds.

Question #484 Topic 1


Refer to the exhibit. All interfaces are configured with duplex auto and ip ospf network broadcast. Which configuration allows routers R14 and R86 to form an
OSPFv2 adjacency and act as a central point for exchanging OSPF information between routers?

  • A. R14# interface FastEthernet0/0 ip address 10.73.65.65 255.255.255.252 ip ospf priority 255 ip mtu 1500 router ospf 10 router-id 10.10.1.14 network 10.10.1.14 0.0.0.0 area 0 network 10.73.65.64 0.0.0.3 area 0 R86# interface FastEthernet0/0 ip address 10.73.65.66 255.255.255.252 ip mtu 1400 router ospf 10 router-id 10.10.1.86 network 10.10.1.86 0.0.0.0 area 0 network 10.73.65.64 0.0.0.3 area 0
  • B. R14# interface Loopback0 ip ospf 10 area 0 interface FastEthernet0/0 ip address 10.73.65.65 255.255.255.252 ip ospf 10 area 0 ip mtu 1500 router ospf 10 ip ospf priority 255 router-id 10.10.1.14 R86# interface Loopback0 ip ospf 10 area 0 interface FastEthernet0/0 ip address 10.73.65.66 255.255.255.252 ip ospf 10 area 0 ip mtu 1500 router ospf 10 router-id 10.10.1.86
  • C. R14# interface FastEthernet0/0 ip address 10.73.65.65 255.255.255.252 ip ospf priority 0 ip mtu 1500 router ospf 10 router-id 10.10.1.14 network 10.10.1.14 0.0.0.0 area 0 network 10.73.65.64 0.0.0.3 area 0 R86# interface FastEthernet0/0 ip address 10.73.65.66 255.255.255.252 ip mtu 1500 router ospf 10 router-id 10.10.1.86 network 10.10.1.86 0.0.0.0 area 0 network 10.73.65.64 0.0.0.3 area 0
  • D. R14# interface Loopback0 ip ospf 10 area 0 interface FastEthernet0/0 ip address 10.73.65.65 255.255.255.252 ip ospf priority 255 ip ospf 10 area 0 ip mtu 1500 router ospf 10 router-id 10.10.1.14 R86# interface Loopback0 ip ospf 10 area 0 interface FastEthernet0/0 ip address 10.73.65.66 255.255.255.252 ip ospf 10 area 0 ip mtu 1500 router ospf 10 router-id 10.10.1.86
Reveal Solution Hide Solution   Discussion   24

Correct Answer: A 🗳️

Question #485 Topic 1

A packet from a company's branch office is destined to host 172.31.0.1 at headquarters. The sending router has three possible matches in its routing table for the packet: prefixes 172.31.0.0/16, 172.31.0.0/24, and 172.31.0.0/25. How does the router handle the packet?

  • A. It sends the traffic via prefix 172.31.0.0/24.
  • B. It sends the traffic via prefix 172.31.0.0/16.
  • C. It sends the traffic via prefix 172.31.0.0/25.
  • D. It sends the traffic via the default gateway 0.0.0.0/0.
Reveal Solution Hide Solution   Discussion   1

Correct Answer: C 🗳️

Question #486 Topic 1


Refer to the exhibit. An engineer is asked to configure router R1 so that it forms an OSPF single-area neighbor relationship with R2. Which command sequence must be implemented to configure the router?

  • A. router ospf 100 network 10.0.0.0 0.0.0.252 area0 network 10.0.1.0 0.0.0.255 area0
  • B. router ospf 100 network 10.0.0.0 0.0.0.3 area0 network 10.0.2.0 255.255.255.0 area0
  • C. router ospf 10 network 10.0.0.0 0.0.0.3 area0 network 10.0.1.0 0.0.0.255 area0
  • D. router ospf 10 network 10.0.0.0 0.0.0.3 area0 network 10.0.2.0 0.0.0.255 area0
Reveal Solution Hide Solution   Discussion   11

Correct Answer: C 🗳️

Question #487 Topic 1


Refer to the exhibit. All routers in the network are configured. R2 must be the DR. After the engineer connected the devices, R1 was elected as the DR. Which command sequence must be configured on R2 to be elected as the DR in the network?

  • A. R2(config)#intergface gi0/0 R2(config-if)#ip ospf priority 100
  • B. R2(config)#router ospf 1 R2(config-router)#router-id 192.168.2.7
  • C. R2(config)#router ospf 1 R2(config-router)#router-id 10.100.100.100
  • D. R2(config)#intergface gi0/0 R2(config-if)#ip ospf priority 1
Reveal Solution Hide Solution   Discussion   10

Correct Answer: A 🗳️

Question #488 Topic 1


Refer to the exhibit. The router R1 is in the process of being configured. Routers R2 and R3 are configured correctly for the new environment. Which two commands must be configured on R1 for PC1 to communicate to all PCs on the 10.10.10.0/24 network? (Choose two.)

  • A. ip route 10.10.10.0 255.255.255.0 192.168.2.3
  • B. ip route 10.10.10.10 255.255.255.255 192.168.2.2
  • C. ip route 10.10.10.10 255.255.255.255 g0/1
  • D. ip route 10.10.10.8 255.255.255.248 g0/1
  • E. ip route 10.10.10.0 255.255.255.248 192.168.2.2
Reveal Solution Hide Solution   Discussion   20

Correct Answer: AE 🗳️

Question #489 Topic 1


Refer to the exhibit. What is the subnet mask of the route to the 10.10.13.160 prefix?

  • A. 255.255.255.240
  • B. 255.255.255.128
  • C. 255.255.248.0
  • D. 255.255.255.248
Reveal Solution Hide Solution   Discussion   9

Correct Answer: D 🗳️

Question #490 Topic 1


Refer to the exhibit. Which two commands, when configured on router R1, fulfill these requirements? (Choose two.)
✑ Packets toward the entire network 2001:db8:23::/64 must be forwarded through router R2.
Packets toward host 2001:db8:23::14 preferably must be forwarded through R3.

  • A. ipv6 route 2001:db8:23::/128 fd00:12::2
  • B. ipv6 route 2001:db8:23::14/128 fd00:13::3
  • C. ipv6 route 2001:db8:23::/64 fd00:12::2
  • D. ipv6 route 2001:db8:23::14/64 fd00:12::2 200
  • E. ipv6 route 2001:db8:23::14/64 fd00:12::2
Reveal Solution Hide Solution   Discussion   5

Correct Answer: BC 🗳️

Question #491 Topic 1


Refer to the exhibit. Traffic from R1 to the 10.10.2.0/24 subnet uses 192.168.1.2 as its next hop. A network engineer wants to update the R1 configuration so that traffic with destination 10.10 2.1 passes through router R3, and all other traffic to the 10.10.2.0/24 subnet passes through R2. Which command must be used?

  • A. ip route 10.10.2.1 255.255.255.255 192.168.1.4115
  • B. ip route 10.10.2.0 255.255.255.0 192.168.1.4115
  • C. ip route 10.10.2.0 255.255.255.0 192.168.1.4100
  • D. ip route 10.10.2.1 255.255.255.255192.168.1.4100
Reveal Solution Hide Solution   Discussion   11

Correct Answer: D 🗳️
Here we need to add a host route for the specific 10.10.2.1 host, which means using a subnet mask of 255.255.255.255. We also need to configure an
Administrative Distance that is less than the default OSPF AD of 115.

Question #492 Topic 1


Refer to the exhibit. The image server and client A are running an application that transfers an extremely high volume of data between the two. An engineer is configuring a dedicated circuit between R1 and R2. Which set of commands must the engineer apply to the routers so that only traffic between the image server and client A is forces to use the new circuit?

  • A. R1(config)#ip route 10.10.13.10 255.255.255.255 10.10.10.6 R2(config)#ip route 192.168.0.100 255.255.255.255 10.10.10.5
  • B. R1(config)#ip route 10.10.13.10 255.255.255.128 10.10.10.6 R2(config)#lp route 192.168.0.100 255.255.255.0 10.10.10.5
  • C. R1(config)#ip route 10.10.13.10 255.255.255.252 10.10.10.6 R2(config)#tp route 192.168.0.100 255.255.255.252 10.10.10.5
  • D. R1(config)#ip route 10.10.13.10 255.255.255.255 10.10.10.2 R2(config)#ip route 192.168.0.100 255.255.255.255 10.10.10.1
Reveal Solution Hide Solution   Discussion   28

Correct Answer: D 🗳️

Question #493 Topic 1


Refer to the exhibit. An engineer is checking the routing table in the main router to identify the path to a server on the network. Which route does the router use to reach the server at 192.168.2.2?

  • A. S 192.168.0.0/20 [1/0] via 10.1.1.1
  • B. S 192.168.2.0/29 [1/0] via 10.1.1.1
  • C. S 192.168.2.0/28 [1/0] via 10.1.1.1
  • D. S 192.168.1.0/30 [1/0] via 10.1.1.1
Reveal Solution Hide Solution   Discussion   6

Correct Answer: B 🗳️

Question #494 Topic 1

Refer to the exhibit. An OSPF neighbor relationship must be configured using these guidelines:
✑ R1 is only permitted to establish a neighbor with R2.
✑ R1 will never participate in DR elections.
✑ R1 will use a router-id of 10.1.1.1.
Which configuration must be used?
A.

B.

C.

D.

Reveal Solution Hide Solution   Discussion   11

Correct Answer: A

Question #495 Topic 1


Refer to the exhibit. What is the prefix length for the route that router1 will use to reach host A?

  • A. /25
  • B. /27
  • C. /28
  • D. /29
Reveal Solution Hide Solution   Discussion   7

Correct Answer: D 🗳️

Question #496 Topic 1


Refer to the exhibit. After applying this configuration to router R1, a network engineer is verifying the implementation. If all links are operating normally, and the engineer sends a series of packets from PC1 to PC3, how are the packets routed?

  • A. They are distributed sent round robin to interfaces S0/0/0 and S0/0/1
  • B. They are routed to 10.0.0.2
  • C. They are routed to 192.168.100.2
  • D. They are routed to 172.16.20.2
Reveal Solution Hide Solution   Discussion   3

Correct Answer: D 🗳️

Question #497 Topic 1


Refer to the exhibit. When router R1 receives a packet with destination IP address 10.56.0.62, through which interface does it route the packet?

  • A. Vlan58
  • B. Null0
  • C. Vlan59
  • D. Vlan60
Reveal Solution Hide Solution   Discussion   5

Correct Answer: A 🗳️

Question #498 Topic 1


Refer to the exhibit. How much OSPF be configured on the GigabitEthernet0/0 interface of the neighbor device to achieve the destined neighbor relationship?

  • A. Router(config)#interface GigabitEthernet 0/0 Router(config-if)#ip ospf cost 5
  • B. Router(config)#interface GigabitEthernet 0/0 Router(config-if)#ip ospf priority 1
  • C. Router(config)#interface GigabitEthernet 0/0 Router(config-if)#ip ospf area 2
  • D. Router(config)#interface GigabitEthernet 0/0 Router(config-if)#ip ospf network point-to-point
Reveal Solution Hide Solution   Discussion   11

Correct Answer: D 🗳️

Question #499 Topic 1


An engineer just installed network 10.120.10.0/24. Which configuration must be applied to the R14 router to add the new network to its OSPF routing table?

  • A. Router ospf 100 Network 10.120.10.0 0.0.0.255 area 0
  • B. Router ospf 120 Network 10.120.10.0 255.255.255.0 area 0 Ip route 10.120.10.0 255.255.255.0 fa0/1
  • C. Router ospf 100 area 0 Network 10.120.10.0 0.0.0.255
  • D. Router ospf 100 Network 10.120.10.0 255.255.255.0 area 0
Reveal Solution Hide Solution   Discussion   4

Correct Answer: A 🗳️

Question #500 Topic 1

What are two benefits of FHRPs? (Choose two.)

  • A. They allow encrypted traffic
  • B. They prevent loops in the Layer 2 network.
  • C. They are able to bundle multiple ports to increase bandwidth
  • D. They enable automatic failover of the default gateway
  • E. They allow multiple devices to serve as a single virtual gateway for clients in the network
Reveal Solution Hide Solution   Discussion   1

Correct Answer: DE 🗳️

Question #501 Topic 1

What is the MAC address used with VRRP as a virtual address?

  • A. 00-05-42-38-53-31
  • B. 00-00-5E-00-01-0a
  • C. 00-00-0C-07-AD-89
  • D. 00-07-C0-70-AB-01
Reveal Solution Hide Solution   Discussion   5

Correct Answer: B 🗳️

Question #502 Topic 1

Why would VRRP be implemented when configuring a new subnet in a multivendor environment?

  • A. when a gateway protocol is required that supports more than two Cisco devices for redundancy
  • B. to interoperate normally with all vendors and provide additional security features for Cisco devices
  • C. to ensure that the spanning-tree forwarding path to the gateway is loop-free
  • D. to enable normal operations to continue after a member failure without requiring a change in a host ARP cache
Reveal Solution Hide Solution   Discussion   12

Correct Answer: B 🗳️
VRRP is the industry standards based FHRP similar to Cisco's HSRP but is supported by multiple vendors.

Question #503 Topic 1

Why implement VRRP?

  • A. To hand over to end users the autodiscovery of virtual gateways
  • B. To provide end users with a virtual gateway in a multivendor network
  • C. To leverage a weighting scheme to provide uninterrupted service
  • D. To detect link failures without the overhead of Bidirectional Forwarding Detection
Reveal Solution Hide Solution   Discussion   4

Correct Answer: B 🗳️

Question #504 Topic 1

Which type of address is shared by routers in a HSRP implementation and used by hosts on the subnet as their default gateway address?

  • A. multicast address
  • B. virtual IP address
  • C. loopback IP address
  • D. broadcast address
Reveal Solution Hide Solution   Discussion   1

Correct Answer: B 🗳️

Question #505 Topic 1

By default, which virtual MAC address does HSRP group 14 use?

  • A. 00:05:5e:19:0c:14
  • B. 00:05:0c:07:ac:14
  • C. 04:15:26:73:3c:0e
  • D. 00:00:0c:07:ac:0e
Reveal Solution Hide Solution   Discussion   4

Correct Answer: D 🗳️

Question #506 Topic 1


Refer to the exhibit. Router R1 is added to the network and configured with the 10.0.0.64/26 and 10.0.20.0/26 subnets. However, traffic destined for the LAN on
R3 is not accessible. Which command when executed on R1 defines a static route to reach the R3 LAN?

  • A. ip route 10.0.0.64 255.255.255.192 10.0.20.3
  • B. ip route 10.0.15.0 255.255.255.0 10.0.20.1
  • C. ip route 10.0.15.0 255.255.255.192 10.0.20.1
  • D. ip route 10.0.15.0 255.255.255.0 10.0.20.3
Reveal Solution Hide Solution   Discussion   3

Correct Answer: D 🗳️
We need to specify the destination network (10.0.15.0/24) and the next hop IP of the router to get to that network (10.0.20.3).

Question #507 Topic 1

A router has two static routes to the same destination network under the same OSPF process. How does the router forward packets to the destination if the net- hop devices are different?

  • A. The router chooses the route with the oldest age.
  • B. The router chooses the next hop with the lowest IP address.
  • C. The router chooses the next hop with the lowest MAC address.
  • D. The router load-balances traffic over all routes to the destination.
Reveal Solution Hide Solution   Discussion   6

Correct Answer: D 🗳️
Load balancing is a standard functionality of Cisco IOS Software that is available across all router platforms. It is inherent to the forwarding process in the router, and it enables a router to use multiple paths to a destination when it forwards packets. The number of paths used is limited by the number of entries that the routing protocol puts in the routing table. Four entries is the default in Cisco IOS Software for IP routing protocols except for BGP. BGP has a default of one entry.

Question #508 Topic 1

What does the implementation of a first-hop redundancy protocol protect against on a network?

  • A. default gateway failure
  • B. BGP neighbor flapping
  • C. spanning-tree loops
  • D. root-bridge loss
Reveal Solution Hide Solution   Discussion  

Correct Answer: A 🗳️

Question #509 Topic 1

Which feature or protocol is required for an IP SLA to measure UDP jitter?

  • A. LLDP
  • B. EEM
  • C. CDP
  • D. NTP
Reveal Solution Hide Solution   Discussion   15

Correct Answer: D 🗳️

Question #510 Topic 1

Refer to the exhibit. Which feature is enabled by this configuration?

  • A. static NAT translation
  • B. a DHCP pool
  • C. a dynamic NAT address pool
  • D. PAT
Reveal Solution Hide Solution   Discussion   2

Correct Answer: C 🗳️

Question #511 Topic 1

Which NAT term is defined as a group of addresses available for NAT use?

  • A. NAT pool
  • B. dynamic NAT
  • C. static NAT
  • D. one-way NAT
Reveal Solution Hide Solution   Discussion   2

Correct Answer: A 🗳️

Question #512 Topic 1

Which command can you enter to allow Telnet to be supported in addition to SSH?

  • A. transport input telnet ssh
  • B. transport input telnet
  • C. no transport input telnet
  • D. privilege level 15
Reveal Solution Hide Solution   Discussion   14

Correct Answer: A 🗳️

Question #513 Topic 1

Refer to the exhibit. After you apply the given configuration to a router, the DHCP clients behind the device cannot communicate with hosts outside of their subnet.
Which action is most likely to correct the problem?

  • A. Configure the dns server on the same subnet as the clients
  • B. Activate the dhcp pool
  • C. Correct the subnet mask
  • D. Configure the default gateway
Reveal Solution Hide Solution   Discussion   11

Correct Answer: D 🗳️

Question #514 Topic 1

Refer to the exhibit. Which rule does the DHCP server use when there is an IP address conflict?

  • A. The address is removed from the pool until the conflict is resolved.
  • B. The address remains in the pool until the conflict is resolved.
  • C. Only the IP detected by Gratuitous ARP is removed from the pool.
  • D. Only the IP detected by Ping is removed from the pool.
  • E. The IP will be shown, even after the conflict is resolved.
Reveal Solution Hide Solution   Discussion   5

Correct Answer: A 🗳️
An address conflict occurs when two hosts use the same IP address. During address assignment, DHCP checks for conflicts using ping and gratuitous ARP. If a conflict is detected, the address is removed from the pool. The address will not be assigned until the administrator resolves the conflict.

Question #515 Topic 1

Which command can you enter to determine the addresses that have been assigned on a DHCP Server?

  • A. Show ip DHCP database.
  • B. Show ip DHCP pool.
  • C. Show ip DHCP binding.
  • D. Show ip DHCP server statistic.
Reveal Solution Hide Solution   Discussion   10

Correct Answer: C 🗳️

Question #516 Topic 1

What is the authoritative source for an address lookup?

  • A. a recursive DNS search
  • B. the operating system cache
  • C. the ISP local cache
  • D. the browser cache
Reveal Solution Hide Solution   Discussion   7

Correct Answer: A 🗳️

Question #517 Topic 1

Which command is used to verify the DHCP relay agent address that has been set up on your Cisco IOS router?

  • A. show ip interface brief
  • B. show ip dhcp bindings
  • C. show ip route
  • D. show ip interface
  • E. show interface
  • F. show ip dhcp pool
Reveal Solution Hide Solution   Discussion   7

Correct Answer: D 🗳️

Question #518 Topic 1

Which type of information resides on a DHCP server?

  • A. a list of the available IP addresses in a pool
  • B. a list of public IP addresses and their corresponding names
  • C. usernames and passwords for the end users in a domain
  • D. a list of statically assigned MAC addresses
Reveal Solution Hide Solution   Discussion   3

Correct Answer: A 🗳️

Question #519 Topic 1

What are two roles of Domain Name Services (DNS)? (Choose two.)

  • A. builds a flat structure of DNS names for more efficient IP operations
  • B. encrypts network Traffic as it travels across a WAN by default
  • C. improves security by protecting IP addresses under Fully Qualified Domain Names (FQDNs)
  • D. enables applications to identify resources by name instead of IP address
  • E. allows a single host name to be shared across more than one IP address
Reveal Solution Hide Solution   Discussion   8

Correct Answer: DE 🗳️

Question #520 Topic 1

Which Cisco IOS command will indicate that interface GigabitEthernet 0/0 is configured via DHCP?

  • A. show ip interface GigabitEthernet 0/0 dhcp
  • B. show interface GigabitEthernet 0/0
  • C. show ip interface dhcp
  • D. show ip interface GigabitEthernet 0/0
  • E. show ip interface GigabitEthernet 0/0 brief
Reveal Solution Hide Solution   Discussion   18

Correct Answer: D 🗳️

Question #521 Topic 1

What will happen if you configure the logging trap debug command on a router?

  • A. It causes the router to send messages with lower severity levels to the syslog server
  • B. It causes the router to send all messages with the severity levels Warning, Error, Critical, and Emergency to the syslog server
  • C. It causes the router to send all messages to the syslog server
  • D. It causes the router to stop sending all messages to the syslog server
Reveal Solution Hide Solution   Discussion   14

Correct Answer: C 🗳️

Question #522 Topic 1

A network administrator enters the following command on a router: logging trap 3. What are three message types that will be sent to the Syslog server? (Choose three.)

  • A. informational
  • B. emergency
  • C. warning
  • D. critical
  • E. debug
  • F. error
Reveal Solution Hide Solution   Discussion   7

Correct Answer: BDF 🗳️

Question #523 Topic 1

DRAG DROP -
Drag and drop the network protocols from the left onto the correct transport services on the right.
Select and Place:

Reveal Solution Hide Solution   Discussion   2

Correct Answer:

Question #524 Topic 1

A network engineer must back up 20 network router configurations globally within a customer environment. Which protocol allows the engineer to perform this function using the Cisco IOS MIB?

  • A. ARP
  • B. SNMP
  • C. SMTP
  • D. CDP
Reveal Solution Hide Solution   Discussion   1

Correct Answer: B 🗳️
SNMP is an application-layer protocol that provides a message format for communication between SNMP managers and agents. SNMP provides a standardized framework and a common language used for the monitoring and management of devices in a network.
The SNMP framework has three parts:
ג€¢ An SNMP manager
ג€¢ An SNMP agent
ג€¢ A Management Information Base (MIB)
The Management Information Base (MIB) is a virtual information storage area for network management information, which consists of collections of managed objects.
With SNMP, the network administrator can send commands to multiple routers to do the backup.

Question #525 Topic 1

Which command enables a router to become a DHCP client?

  • A. ip address dhcp
  • B. ip dhcp client
  • C. ip helper-address
  • D. ip dhcp pool
Reveal Solution Hide Solution   Discussion   37

Correct Answer: A 🗳️
If we want to get an IP address from the DHCP server on a Cisco device, we can use the command ג€ip address dhcpג€.
Note: The command ג€ip helper-addressג€ enables a router to become a DHCP Relay Agent.

Question #526 Topic 1

Which function does an SNMP agent perform?

  • A. It sends information about MIB variables in response to requests from the NMS
  • B. It manages routing between Layer 3 devices in a network
  • C. It coordinates user authentication between a network device and a TACACS+ or RADIUS server
  • D. It requests information from remote network nodes about catastrophic system events
Reveal Solution Hide Solution   Discussion   3

Correct Answer: A 🗳️

Question #527 Topic 1

What are two roles of the Dynamic Host Configuration Protocol (DHCP)? (Choose two.)

  • A. The DHCP server assigns IP addresses without requiring the client to renew them.
  • B. The DHCP server leases client IP addresses dynamically.
  • C. The DHCP client is able to request up to four DNS server addresses.
  • D. The DHCP server offers the ability to exclude specific IP addresses from a pool of IP addresses.
  • E. The DHCP client maintains a pool of IP addresses it is able to assign.
Reveal Solution Hide Solution   Discussion   10

Correct Answer: BD 🗳️

Question #528 Topic 1

Which command must be entered when a device is configured as an NTP server?

  • A. ntp peer
  • B. ntp master
  • C. ntp authenticate
  • D. ntp server
Reveal Solution Hide Solution   Discussion   2

Correct Answer: B 🗳️

Question #529 Topic 1

What event has occurred if a router sends a notice level message to a syslog server?

  • A. A certificate has expired
  • B. An interface line has changed status
  • C. A TCP connection has been torn down
  • D. An ICMP connection has been built
Reveal Solution Hide Solution   Discussion   12

Correct Answer: B 🗳️

Question #530 Topic 1


Refer to the exhibit. An engineer deploys a topology in which R1 obtains its IP configuration from DHCP. If the switch and DHCP server configurations are complete and correct, which two sets of commands must be configured on R1 and R2 to complete the task? (Choose two.)

  • A. R1(config)# interface fa0/0 R1(config-if)# ip helper-address 198.51.100.100
  • B. R2(config)# interface gi0/0 R2(config-if)# ip helper-address 198.51.100.100
  • C. R1(config)# interface fa0/0 R1(config-if)# ip address dhcp R1(config-if)# no shutdown
  • D. R2(config)# interface gi0/0 R2(config-if)# ip address dhcp
  • E. R1(config)# interface fa0/0 R1(config-if)# ip helper-address 192.0.2.2
Reveal Solution Hide Solution   Discussion   15

Correct Answer: BC 🗳️

Question #531 Topic 1

Which two actions are performed by the Weighted Random Early Detection mechanism? (Choose two.)

  • A. It supports protocol discovery.
  • B. It guarantees the delivery of high-priority packets.
  • C. It can identify different flows with a high level of granularity.
  • D. It can mitigate congestion by preventing the queue from filling up.
  • E. It drops lower-priority packets before it drops higher-priority packets.
Reveal Solution Hide Solution   Discussion   9

Correct Answer: DE 🗳️
Weighted Random Early Detection (WRED) is just a congestion avoidance mechanism. WRED drops packets selectively based on IP precedence. Edge routers assign IP precedences to packets as they enter the network. When a packet arrives, the following events occur:
1. The average queue size is calculated.
2. If the average is less than the minimum queue threshold, the arriving packet is queued.
3. If the average is between the minimum queue threshold for that type of traffic and the maximum threshold for the interface, the packet is either dropped or queued, depending on the packet drop probability for that type of traffic.
4. If the average queue size is greater than the maximum threshold, the packet is dropped.
WRED reduces the chances of tail drop (when the queue is full, the packet is dropped) by selectively dropping packets when the output interface begins to show signs of congestion (thus it can mitigate congestion by preventing the queue from filling up). By dropping some packets early rather than waiting until the queue is full, WRED avoids dropping large numbers of packets at once and minimizes the chances of global synchronization. Thus, WRED allows the transmission line to be used fully at all times.
WRED generally drops packets selectively based on IP precedence. Packets with a higher IP precedence are less likely to be dropped than packets with a lower precedence. Thus, the higher the priority of a packet, the higher the probability that the packet will be delivered.
Reference:
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/qos_conavd/configuration/15-mt/qos-conavd-15-mt-book/qos-conavd-cfg-wred.html

Question #532 Topic 1


Refer to the exhibit. An engineer configured NAT translations and has verified that the configuration is correct. Which IP address is the source IP after the NAT has taken place?

  • A. 10.4.4.4
  • B. 10.4.4.5
  • C. 172.23.103.10
  • D. 172.23.104.4
Reveal Solution Hide Solution   Discussion   59

Correct Answer: C 🗳️

Question #533 Topic 1

If a notice-level message is sent to a syslog server, which event has occurred?

  • A. A network device has restarted.
  • B. A debug operation is running.
  • C. A routing instance has flapped.
  • D. An ARP inspection has failed.
Reveal Solution Hide Solution   Discussion   26

Correct Answer: C 🗳️
Usually no action is required when a route flaps so it generates the notification syslog level message (level 5).

Question #534 Topic 1

DRAG DROP -
Drag and drop the functions from the left onto the correct network components on the right.
Select and Place:

Reveal Solution Hide Solution   Discussion   2

Correct Answer:

Question #535 Topic 1

Which two tasks must be performed to configure NTP to a trusted server in client mode on a single network device? (Choose two.)

  • A. Enable NTP authentication.
  • B. Verify the time zone.
  • C. Specify the IP address of the NTP server.
  • D. Set the NTP server private key.
  • E. Disable NTP broadcasts.
Reveal Solution Hide Solution   Discussion   13

Correct Answer: AC 🗳️
To configure authentication, perform this task in privileged mode:
Step 1: Configure an authentication key pair for NTP and specify whether the key will be trusted or untrusted.
Step 2: Set the IP address of the NTP server and the public key.
Step 3: Enable NTP client mode.
Step 4: Enable NTP authentication.
Step 5: Verify the NTP configuration.
Reference:
https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4000/8-2glx/configuration/guide/ntp.html

Question #536 Topic 1

What is the primary purpose of a First Hop Redundancy Protocol?

  • A. It allows directly connected neighbors to share configuration information
  • B. It reduces routing failures by allowing Layer 3 load balancing between OSPF neighbors that have the same link metric
  • C. It allows a router to use bridge priorities to create multiple loop-free paths to a single destination
  • D. It reduces routing failures by allowing more than one router to represent itself as the default gateway of a network
Reveal Solution Hide Solution   Discussion   3

Correct Answer: D 🗳️

Question #537 Topic 1

An engineer is configuring NAT to translate the source subnet of 10.10.0.0/24 to any one of three addresses: 192.168.3.1, 192.168.3.2, or 192.168.3.3. Which configuration should be used?

  • A. enable configure terminal ip nat pool mypool 192.168.3.1 192.168.3.3 prefix-length 30 access-list 1 permit 10.10.0.0 0.0.0.255 ip nat outside destination list 1 pool mypool interface g1/1 ip nat inside interface g1/2 ip nat outside
  • B. enable configure terminal ip nat pool mypool 192.168.3.1 192.168.3.3 prefix-length 30 access-list 1 permit 10.10.0.0 0.0.0.254 ip nat inside source list 1 pool mypool interface g1/1 ip nat inside interface g1/2 ip nat outside
  • C. enable configure terminal ip nat pool mypool 192.168.3.1 192.168.3.3 prefix-length 30 route map permit 10.10.0.0 255.255.255.0 ip nat outside destination list 1 pool mypool interface g1/1 ip nat inside interface g1/2 ip nat outside
  • D. enable configure terminal ip nat pool mypool 192.168.3.1 192.168.3.3 prefix-length 30 access-list 1 permit 10.10.0.0 0.0.0.255 ip nat inside source list 1 pool mypool interface g1/1 ip nat inside interface g1/2 ip nat outside
Reveal Solution Hide Solution   Discussion   5

Correct Answer: D 🗳️

Question #538 Topic 1

When the active router in an HSRP group fails, which router assumes the role and forwards packets?

  • A. forwarding
  • B. listening
  • C. standby
  • D. backup
Reveal Solution Hide Solution   Discussion   5

Correct Answer: C 🗳️

Question #539 Topic 1

What protocol allows an engineer to back up 20 network router configurations globally while using the copy function?

  • A. TCP
  • B. SMTP
  • C. FTP
  • D. SNMP
Reveal Solution Hide Solution   Discussion   12

Correct Answer: D 🗳️

Question #540 Topic 1

Which type of address is the public IP address of a NAT device?

  • A. outside global
  • B. outside local
  • C. inside global
  • D. inside local
  • E. outside public
  • F. inside public
Reveal Solution Hide Solution   Discussion   3

Correct Answer: C 🗳️
NAT use four types of addresses:
✑ Inside local address - The IP address assigned to a host on the inside network. The address is usually not an IP address assigned by the Internet Network
Information Center (InterNIC) or service provider. This address is likely to be an RFC 1918 private address.
✑ Inside global address - A legitimate IP address assigned by the InterNIC or service provider that represents one or more inside local IP addresses to the outside world.
✑ Outside local address - The IP address of an outside host as it is known to the hosts on the inside network.
✑ Outside global address - The IP address assigned to a host on the outside network. The owner of the host assigns this address.

Question #541 Topic 1

Which two pieces of information can you determine from the output of the show ntp status command? (Choose two.)

  • A. whether the NTP peer is statically configured
  • B. the IP address of the peer to which the clock is synchronized
  • C. the configured NTP servers
  • D. whether the clock is synchronized
  • E. the NTP version number of the peer
Reveal Solution Hide Solution   Discussion   2

Correct Answer: BD 🗳️
Below is the output of the ג€show ntp statusג€ command. From this output we learn that R1 has a stratum of 10 and it is getting clock from 10.1.2.1.

Question #542 Topic 1

Which keyword in a NAT configuration enables the use of one outside IP address for multiple inside hosts?

  • A. source
  • B. static
  • C. pool
  • D. overload
Reveal Solution Hide Solution   Discussion   1

Correct Answer: D 🗳️
By adding the keyword ג€overloadג€ at the end of a NAT statement, NAT becomes PAT (Port Address Translation). This is also a kind of dynamic NAT that maps multiple private IP addresses to a single public IP address (many-to-one) by using different ports. Static NAT and Dynamic NAT both require a one-to-one mapping from the inside local to the inside global address. By using PAT, you can have thousands of users connect to the Internet using only one real global IP address. PAT is the technology that helps us not run out of public IP address on the Internet. This is the most popular type of NAT.
An example of using ג€overloadג€ keyword is shown below:
R1(config)# ip nat inside source list 1 interface ethernet1 overload

Question #543 Topic 1

Which feature or protocol determines whether the QOS on the network is sufficient to support IP services?

  • A. LLDP
  • B. CDP
  • C. IP SLA
  • D. EEM
Reveal Solution Hide Solution   Discussion   4

Correct Answer: C 🗳️
IP SLA allows an IT professional to collect information about network performance in real time. Therefore it helps determine whether the QoS on the network is sufficient for IP services or not.
Cisco IOS Embedded Event Manager (EEM) is a powerful and flexible subsystem that provides real-time network event detection and onboard automation. It gives you the ability to adapt the behavior of your network devices to align with your business needs.

Question #544 Topic 1

In QoS, which prioritization method is appropriate for interactive voice and video?

  • A. traffic policing
  • B. round-robin scheduling
  • C. low-latency queuing
  • D. expedited forwarding
Reveal Solution Hide Solution   Discussion   20

Correct Answer: C 🗳️
Low Latency Queuing (LLQ) is the preferred queuing policy for VoIP audio. Given the stringent delay/jitter sensitive requirements of voice and video and the need to synchronize audio and video for CUVA, priority (LLQ) queuing is the recommended for all video traffic as well. Note that, for video, priority bandwidth is generally fudged up by 20% to account for the overhead.

Question #545 Topic 1

DRAG DROP -
Drag and drop the SNMP components from the left onto the descriptions on the right.
Select and Place:

Reveal Solution Hide Solution   Discussion   2

Correct Answer:

Question #546 Topic 1

What is the purpose of traffic shaping?

  • A. to be a marking mechanism that identifies different flows
  • B. to provide fair queuing for buffered flows
  • C. to mitigate delays over slow links
  • D. to limit the bandwidth that a flow can use
Reveal Solution Hide Solution   Discussion   24

Correct Answer: D 🗳️
The primary reasons you would use traffic shaping are to control access to available bandwidth, to ensure that traffic conforms to the policies established for it, and to regulate the flow of traffic in order to avoid congestion that can occur when the sent traffic exceeds the access speed of its remote, target interface.

Question #547 Topic 1

What is a function of TFTP in network operations?

  • A. transfers IOS images from a server to a router for firmware upgrades
  • B. transfers a backup configuration file from a server to a switch using a username and password
  • C. transfers configuration files from a server to a router on a congested link
  • D. transfers files between file systems on a router
Reveal Solution Hide Solution   Discussion   33

Correct Answer: A 🗳️

Question #548 Topic 1

What is a DHCP client?

  • A. a workstation that requests a domain name associated with its IP address
  • B. a host that is configured to request an IP address automatically
  • C. a server that dynamically assigns IP addresses to hosts.
  • D. a router that statically assigns IP addresses to hosts.
Reveal Solution Hide Solution   Discussion   3

Correct Answer: B 🗳️

Question #549 Topic 1

Where does the configuration reside when a helper address is configured lo support DHCP?

  • A. on the router closest to the server
  • B. on the router closest to the client
  • C. on every router along the path
  • D. on the switch trunk interface
Reveal Solution Hide Solution   Discussion   9

Correct Answer: B 🗳️

Question #550 Topic 1

What facilitates a Telnet connection between devices by entering the device name?

  • A. SNMP
  • B. DNS lookup
  • C. syslog
  • D. NTP
Reveal Solution Hide Solution   Discussion   1

Correct Answer: B 🗳️

Question #551 Topic 1

When deploying syslog, which severity level logs informational messages?

  • A. 0
  • B. 2
  • C. 4
  • D. 6
Reveal Solution Hide Solution   Discussion   6

Correct Answer: D 🗳️
Reference:
https://en.wikipedia.org/wiki/Syslog

Question #552 Topic 1

DRAG DROP -

Refer to the exhibit. An engineer is configuring the router to provide static NAT for the webserver. Drag and drop the configuration commands from the left onto the letters that correspond to its position in the configuration on the fight.
Select and Place:

Reveal Solution Hide Solution   Discussion   8

Correct Answer:

Question #553 Topic 1

Which two QoS tools provide congestion management? (Choose two.)

  • A. CBWFQ
  • B. FRTS
  • C. CAR
  • D. PBR
  • E. PQ
Reveal Solution Hide Solution   Discussion   9

Correct Answer: AE 🗳️

Question #554 Topic 1

Which QoS tool is used to optimize voice traffic on a network that is primarily intended for data traffic?

  • A. WRED
  • B. FIFO
  • C. WFQ
  • D. PQ
Reveal Solution Hide Solution   Discussion   13

Correct Answer: D 🗳️

Question #555 Topic 1

An engineer is installing a new wireless printer with a static IP address on the Wi-Fi network. Which feature must be enabled and configured to prevent connection issues with the printer?

  • A. client exclusion
  • B. DHCP address assignment
  • C. passive client
  • D. static IP tunneling
Reveal Solution Hide Solution   Discussion   24

Correct Answer: C 🗳️
Passive clients are wireless devices, such as scales and printers that are configured with a static IP address. These clients do not transmit any IP information such as IP address, subnet mask, and gateway information when they associate with an access point. As a result, when passive clients are used, the controller never knows the IP address unless they use the DHCP.
Reference:
https://www.cisco.com/c/en/us/td/docs/wireless/controller/7-4/configuration/guides/consolidated/b_cg74_CONSOLIDATED/ m_configuring_passive_clients.html

Question #556 Topic 1

When a client and server are not on the same physical network, which device is used to forward requests and replies between client and server for DHCP?

  • A. DHCPOFFER
  • B. DHCP relay agent
  • C. DHCP server
  • D. DHCPDISCOVER
Reveal Solution Hide Solution   Discussion   2

Correct Answer: B 🗳️

Question #557 Topic 1


Refer to the exhibit. The ntp server 192.168.0.3 command has been configured on router 1 to make it an NTP client of router 2. Which command must be configured on router 2 so that it operates in server-only mode and relies only on its internal clock?

  • A. Router2(config)#ntp server 172.17.0.1
  • B. Router2(config)#ntp server 192.168.0.2
  • C. Router2(config)#ntp passive
  • D. Router2(config)#ntp master 4
Reveal Solution Hide Solution   Discussion   9

Correct Answer: D 🗳️

Question #558 Topic 1

Which protocol requires authentication to transfer a backup configuration file from a router to a remote server?

  • A. FTP
  • B. SMTP
  • C. TFTP
  • D. DTP
Reveal Solution Hide Solution   Discussion   7

Correct Answer: A 🗳️

Question #559 Topic 1

Which condition must be met before an NMS handles an SNMP trap from an agent?

  • A. The NMS must receive the same trap from two different SNMP agents to verify that it is reliable.
  • B. The NMS must receive a trap and an inform message from the SNMP agent within a configured interval.
  • C. The NMS software must be loaded with the MIB associated with the trap.
  • D. The NMS must be configured on the same router as the SNMP agent.
Reveal Solution Hide Solution   Discussion   1

Correct Answer: C 🗳️

Question #560 Topic 1

An engineer is configuring switch SW1 to act as an NTP server when all upstream NTP server connectivity fails. Which configuration must be used?

  • A. SW1# config t SW1(config)#ntp peer 192.168.1.1 SW1(config)#ntp access-group peer accesslist1
  • B. SW1# config t SW1(config)#ntp master SW1(config)#ntp server192.168.1.1
  • C. SW1# config t SW1(config)#ntp backup SW1(config)#ntp server192.168.1.1
  • D. SW1# config t SW1(config)#ntp server192.168.1.1 SW1(config)#ntp access-group peer accesslist1
Reveal Solution Hide Solution   Discussion   21

Correct Answer: B 🗳️
ntp server192.168.1.1 makes the SW1 a client to the primary server reachable with an IP address of 192.168.1.1
NTP server makes SW1 a server and uses its own internal clock to provide the time when the connectivity to the primary server 192.168.1.1 fails.

Question #561 Topic 1

A network administrator must enable DHCP services between two sites. What must be configured for the router to pass DHCPDISCOVER messages on to the server?

  • A. DHCP Binding
  • B. a DHCP Relay Agent
  • C. DHCP Snooping
  • D. a DHCP Pool
Reveal Solution Hide Solution   Discussion   18

Correct Answer: B 🗳️

Question #562 Topic 1

Which level of severity must be set to get informational syslogs?

  • A. alert
  • B. critical
  • C. notice
  • D. debug
Reveal Solution Hide Solution   Discussion   8

Correct Answer: D 🗳️

Question #563 Topic 1

On workstations running Microsoft Windows, which protocol provides the default gateway for the device?

  • A. STP
  • B. DHCP
  • C. SNMP
  • D. DNS
Reveal Solution Hide Solution   Discussion  

Correct Answer: B 🗳️

Question #564 Topic 1

Which two statements about NTP operations are true? (Choose two.)

  • A. NTP uses UDP over IP.
  • B. Cisco routers can act as both NTP authoritative servers and NTP clients.
  • C. Cisco routers can act only as NTP servers.
  • D. Cisco routers can act only as NTP clients.
  • E. NTP uses TCP over IP.
Reveal Solution Hide Solution   Discussion   2

Correct Answer: AB 🗳️

Question #565 Topic 1


Refer to the exhibit. Which configuration must be applied to the router that configures PAT to translate all addresses in VLAN 200 while allowing devices on VLAN
100 to use their own IP addresses?

  • A. Router1(config)#access-list 99 permit 192.168.100.32 0.0.0.31 Router1(config)#ip nat inside source list 99 interface gi1/0/0 overload Router1(config)#interface gi2/0/1.200 Router1(config)#ip nat inside Router1(config)#interface gi1/0/0 Router1(config)#ip nat outside
  • B. Router1(config)#access-list 99 permit 192.168.100.0 0.0.0.255 Router1(config)#ip nat inside source list 99 interface gi1/0/0 overload Router1(config)#interface gi2/0/1.200 Router1(config)#ip nat inside Router1(config)#interface gi1/0/0 Router1(config)#ip nat outside
  • C. Router1(config)#access-list 99 permit 209.165.201.2 255.255.255.255 Router1(config)#ip nat inside source list 99 interface gi1/0/0 overload Router1(config)#interface gi2/0/1.200 Router1(config)#ip nat inside Router1(config)#interface gi1/0/0 Router1(config)#ip nat outside
  • D. Router1(config)#access- list 99 permit 209.165.201.2 0.0.0.0 Router1(config)#ip nat inside source list 99 interface gi1/0/0 overload Router1(config)#interface gi2/0/1.200 Router1(config)#ip nat inside Router1(config)#interface gi1/0/0 Router1(config)#ip nat outside
Reveal Solution Hide Solution   Discussion   4

Correct Answer: A 🗳️

Question #566 Topic 1


Refer to the exhibit. Which two commands must be added to update the configuration of router R1 so that it accepts only encrypted connections? (Choose two.)

  • A. transport input ssh
  • B. username CNAC secret R!41!3705926@
  • C. crypto key generate rsa 1024
  • D. line vty 0 4
  • E. ip ssh version 2
Reveal Solution Hide Solution   Discussion   9

Correct Answer: CE 🗳️

Question #567 Topic 1

Which command implies the use of SNMPv3?

  • A. snmp-server user
  • B. snmp-server host
  • C. snmp-server enable traps
  • D. snmp-server community
Reveal Solution Hide Solution   Discussion   4

Correct Answer: A 🗳️
Reference:
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/snmp/configuration/15-e/snmp-15-e-book.pdf

Question #568 Topic 1

R1 as an NTP server must have:
✑ NTP authentication enabled
✑ NTP packets sourced from Interface loopback 0
✑ NTP stratum 2
✑ NTP packets only permitted to client IP 209.165.200.225
How should R1 be configured?

  • A. ntp authenticate ntp authentication-key 2 sha1 CISCO123 ntp source Loopback0 ntp access-group server-only 10 ntp master 2 ! access-list 10 permit udp host 209.165.200.225 any eq 123
  • B. ntp authenticate ntp authentication-key 2 md5 CISCO123 ntp interface Loopback0 ntp access-group server-only 10 ntp stratum 2 ! access-list 10 permit 209.165.200.225
  • C. ntp authenticate ntp authentication-key 2 md5 CISCO123 ntp source Loopback0 ntp access-group server-only 10 ntp master 2 ! access-list 10 permit 209.165.200.225
  • D. ntp authenticate ntp authentication-key 2 md5 CISCO123 ntp source Loopback0 ntp access-group server-only 10 ntp stratum 2 ! access-list 10 permit udp host 209.165.200.225 any eq 123
Reveal Solution Hide Solution   Discussion   17

Correct Answer: D 🗳️

Question #569 Topic 1

What is a capability of FTP in network management operations?

  • A. offers proprietary support at the session layer when transferring data
  • B. uses separate control and data connections to move files between server and client
  • C. encrypts data before sending between data resources
  • D. devices are directly connected and use UDP to pass file information
Reveal Solution Hide Solution   Discussion   3

Correct Answer: B 🗳️
Reference:
https://en.wikipedia.org/wiki/File_Transfer_Protocol#:~:text=The%20File%20Transfer%20Protocol%20(FTP,the%20client%20and%20the%20server

Question #570 Topic 1

A network engineer is configuring a switch so that it is remotely reachable via SSH. The engineer has already configured the host name on the router. Which additional command must the engineer configure before entering the command to generate the RSA key?

  • A. password password
  • B. ip ssh authentication-retries 2
  • C. ip domain-name domain
  • D. crypto key generate rsa modulus 1024
Reveal Solution Hide Solution   Discussion   6

Correct Answer: C 🗳️
Reference:
https://www.letsconfig.com/how-to-configure-ssh-on-cisco-ios-devices/

Question #571 Topic 1

Which QoS traffic handling technique retains excess packets in a queue and reschedules these packets for later transmission when the configured maximum bandwidth has been surpassed?

  • A. traffic policing
  • B. weighted random early detection
  • C. traffic prioritization
  • D. traffic shaping
Reveal Solution Hide Solution   Discussion   3

Correct Answer: D 🗳️
Reference:
https://www.cisco.com/c/en/us/support/docs/quality-of-service-qos/qos-policing/19645-policevsshape.html

Question #572 Topic 1

Which command must be entered to configure a DHCP relay?

  • A. ip dhcp relay
  • B. ip dhcp pool
  • C. ip address dhcp
  • D. ip helper-address
Reveal Solution Hide Solution   Discussion   2

Correct Answer: D 🗳️
Reference:
https://www.cisco.com/en/US/docs/ios/12_4t/ip_addr/configuration/guide/htdhcpre.html#:~:text=ip%20helper%2Daddress%20address,-Example%
3A&text=Forwards%20UPD%20broadcasts%2C%20including%20BOOTP%20and%20DHCP.&text=The%20address%20argument%20can%20be,to%20respond
%20to%20DHCP%20requests

Question #573 Topic 1


Refer to the exhibit. The DHCP server and clients are connected to the same switch. What is the next step to complete the DHCP configuration to allow clients on
VLAN 1 to receive addresses from the DHCP server?

  • A. Configure the ip dhcp snooping trust command on the interface that is connected to the DHCP client.
  • B. Configure ip dhcp relay information option command on the interface that is connected to the DHCP server.
  • C. Configure ip dhcp snooping trust command on the interface that is connected to the DHCP server.
  • D. Configure the ip dhcp information option command on the interface that is connected to the DHCP client.
Reveal Solution Hide Solution   Discussion   1

Correct Answer: C 🗳️

Question #574 Topic 1

A network analyst is tasked with configuring the date and time on a router using EXEC mode. The date must be set to January 1, 2020 and the time must be set to
12:00 am. Which command should be used?

  • A. clock timezone
  • B. clock summer-time date
  • C. clock summer-time recurring
  • D. clock set
Reveal Solution Hide Solution   Discussion   3

Correct Answer: D 🗳️

Question #576 Topic 1

Which command creates a static NAT binding for a PC address of 10.1.1.1 to the public routable address 209.165.200.225 assigned to the PC?

  • A. R1(config)#ip nat inside source static 10.1.1.1 209.165.200.225
  • B. R1(config)#ip nat outside source static 209.165.200.225 10.1.1.1
  • C. R1(config)#ip nat inside source static 209.165.200.225 10.1.1.1
  • D. R1(config)#ip nat outside source static 10.1.1.1 209.165.200.225
Reveal Solution Hide Solution   Discussion   2

Correct Answer: A 🗳️

Question #577 Topic 1

What prevents a workstation from receiving a DHCP address?

  • A. STP
  • B. VTP
  • C. 802.1Q
  • D. DTP
Reveal Solution Hide Solution   Discussion   16

Correct Answer: C 🗳️

Question #578 Topic 1

What is a feature of TFTP?

  • A. offers anonymous user login ability
  • B. uses two separate connections for control and data traffic
  • C. relies on the well-known TCP port 20 to transmit data
  • D. provides secure data transfer
Reveal Solution Hide Solution   Discussion   2

Correct Answer: A 🗳️

Question #579 Topic 1

Which QoS forwarding per-hop behavior changes a specific value in a packet header to set the class of service for the packet?

  • A. shaping
  • B. classification
  • C. policing
  • D. marking
Reveal Solution Hide Solution   Discussion   2

Correct Answer: D 🗳️

Question #580 Topic 1


Refer to the exhibit. How should the configuration be updated to allow PC1 and PC2 access to the Internet?

  • A. Modify the configured number of the second access list
  • B. Change the ip nat inside source command to use interface GigabitEthernet0/0
  • C. Remove the overload keyword from the ip nat inside source command
  • D. Add either the ip nat {inside|outside} command under both interfaces
Reveal Solution Hide Solution   Discussion   6

Correct Answer: D 🗳️

Question #581 Topic 1

What is the purpose of the ip address dhcp command?

  • A. to configure an interface as a DHCP relay
  • B. to configure an interface as a DHCP client
  • C. to configure an interface as a DHCP helper
  • D. to configure an interface as a DHCP server
Reveal Solution Hide Solution   Discussion   1

Correct Answer: B 🗳️

Question #582 Topic 1


Refer to the exhibit. Which configuration enables DHCP addressing for hosts connected to interface FastEthernet0/1 on router R4?

  • A. interface FastEthernet0/1 ip helper-address 10.0.1.1 ! access-list 100 permit tcp host 10.0.1.1 eq 67 host 10.148.2.1
  • B. interface FastEthernet0/0 ip helper-address 10.0.1.1 ! access-list 100 permit udp host 10.0.1.1 eq bootps host 10.148.2.1
  • C. interface FastEthernet0/0 ip helper-address 10.0.1.1 ! access-list 100 permit host 10.0.1.1 host 10.148.2.1 eq bootps
  • D. interface FastEthernet0/1 ip helper-address 10.0.1.1 ! access-list 100 permit udp host 10.0.1.1 eq bootps host 10.148.2.1
Reveal Solution Hide Solution   Discussion   18

Correct Answer: A 🗳️

Question #583 Topic 1

DRAG DROP -
Drag and drop the SNMP manager and agent identifier commands from the left onto the functions on the right.
Select and Place:

Reveal Solution Hide Solution   Discussion   2

Correct Answer:

Question #584 Topic 1

An engineer is configuring SSH version 2 exclusively on the R1 router. What is the minimum configuration required to permit remote management using the cryptographic protocol?

  • A. hostname R1 service password-encryption crypto key generate rsa general-keys modulus 1024 username cisco privilege 15 password 0 cisco123 ip ssh version 2 line vty 0 15 transport input ssh login local
  • B. hostname R1 ip domain name cisco crypto key generate rsa general-keys modulus 1024 username cisco privilege 15 password 0 cisco123 ip ssh version 2 line vty 0 15 transport input ssh login local
  • C. hostname R1 crypto key generate rsa general-keys modulus 1024 username cisco privilege 15 password 0 cisco123 ip ssh version 2 line vty 0 15 transport input ssh login local
  • D. hostname R1 ip domain name cisco crypto key generate rsa general-keys modulus 1024 username cisco privilege 15 password 0 cisco123 ip ssh version 2 line vty 0 15 transport input all login local
Reveal Solution Hide Solution   Discussion   1

Correct Answer: B 🗳️

Question #585 Topic 1

Which per-hop traffic-control feature does an ISP implement to mitigate the potential negative effects of a customer exceeding its committed bandwidth?

  • A. policing
  • B. queuing
  • C. marking
  • D. shaping
Reveal Solution Hide Solution   Discussion   11

Correct Answer: A 🗳️

Question #586 Topic 1

DRAG DROP -
Drag and drop the QoS terms from the left onto the descriptions on the right.
Select and Place:

Reveal Solution Hide Solution   Discussion   11

Correct Answer:

Question #587 Topic 1

Which remote access protocol provides unsecured remote CLI access?

  • A. console
  • B. Telnet
  • C. SSH
  • D. Bash
Reveal Solution Hide Solution   Discussion  

Correct Answer: B 🗳️

Question #588 Topic 1

DRAG DROP -
Drag and drop the functions of SNMP fault-management from the left onto the definitions on the right.
Select and Place:

Reveal Solution Hide Solution   Discussion   6

Correct Answer:

Question #589 Topic 1


Refer to the exhibit. Which router or router group are NTP clients?

  • A. R1
  • B. R2 and R3
  • C. R1, R3, and R4
  • D. R1, R2, and R3
Reveal Solution Hide Solution   Discussion   4

Correct Answer: D 🗳️

Question #590 Topic 1


Refer to the exhibit. What is the next step to complete the implementation for the partial NAT configuration shown?

  • A. Modify the access list for the internal network on e0/1.
  • B. Reconfigure the static NAT entries that overlap the NAT pool.
  • C. Apply the ACL to the pool configuration.
  • D. Configure the NAT outside interface.
Reveal Solution Hide Solution   Discussion   4

Correct Answer: B 🗳️

Question #591 Topic 1

What is a syslog facility?

  • A. host that is configured for the system to send log messages
  • B. password that authenticates a Network Management System to receive log messages
  • C. group of log messages associated with the configured severity level
  • D. set of values that represent the processes that can generate a log message
Reveal Solution Hide Solution   Discussion   5

Correct Answer: D 🗳️

Question #592 Topic 1

DRAG DROP -
Drag and drop the functions of DHCP from the left onto any of the positions on the right. Not all functions are used.
Select and Place:

Reveal Solution Hide Solution   Discussion   8

Correct Answer:

Question #593 Topic 1


Refer to the exhibit. A newly configured PC fails to connect to the internet by using TCP port 80 to www.cisco.com. Which setting must be modified for the connection to work?

  • A. Subnet Mask
  • B. DNS Servers
  • C. Default Gateway
  • D. DHCP Servers
Reveal Solution Hide Solution   Discussion   5

Correct Answer: B 🗳️

Question #594 Topic 1

Which QoS queuing method discards or marks packets that exceed the desired bit rate of traffic flow?

  • A. CBWFQ
  • B. policing
  • C. LLQ
  • D. shaping
Reveal Solution Hide Solution   Discussion   3

Correct Answer: B 🗳️
Use the police command to mark a packet with different quality of service (QoS) values based on conformance to the service-level agreement. Traffic policing allows you to control the maximum rate of traffic transmitted or received on an interface.
Reference:
https://www.cisco.com/c/en/us/td/docs/ios/qos/configuration/guide/12_2sr/qos_12_2sr_book/traffic_policing.html

Question #595 Topic 1

Which QoS per-hop behavior changes the value of the ToS field in the IPv4 packet header?

  • A. Shaping
  • B. Policing
  • C. Classification
  • D. Marking
Reveal Solution Hide Solution   Discussion   4

Correct Answer: D 🗳️

Question #596 Topic 1

What is the function of FTP?

  • A. Always operated without user connection validation
  • B. Uses block number to identify and mitigate data-transfer errors
  • C. Relies on the well-known UDO port 69 for data transfer
  • D. Uses two separate connections for control and data traffic
Reveal Solution Hide Solution   Discussion   2

Correct Answer: D 🗳️

Question #597 Topic 1

How does TFTP operate in a network?

  • A. Provides secure data transfer
  • B. Relies on the well-known TCP port 20 to transmit data
  • C. Uses block numbers to identify and mitigate data-transfer errors
  • D. Requires two separate connections for control and data traffic
Reveal Solution Hide Solution   Discussion   3

Correct Answer: C 🗳️

Question #598 Topic 1


Refer to the exhibit. Which plan must be implemented to ensure optimal QoS marking practices on this network?

  • A. Trust the IP phone markings on SW1 and mark traffic entering SW2 at SW2
  • B. As traffic traverses MLS1 remark the traffic, but trust all markings at the access layer
  • C. Remark traffic as it traverses R1 and trust all markings at the access layer.
  • D. As traffic enters from the access layer on SW1 and SW2, trust all traffic markings.
Reveal Solution Hide Solution   Discussion   1

Correct Answer: A 🗳️
Tell the switch to trust CoS markings from a Cisco IP phone on the access port. Cisco IP phones use 802.1q tags, these .1q tags contain the CoS value, to mark voice traffic at layer 2. When it's forwarded upstream, the DSCP value is trusted (on the uplink port) and unchanged, but the .1q tag (and with it the CoS value) is stripped off by the upstream switch when received over the trunk.

Question #599 Topic 1

How does QoS optimize voice traffic?

  • A. by reducing bandwidth usage
  • B. by reducing packet loss
  • C. by differentiating voice and video traffic
  • D. by increasing jitter
Reveal Solution Hide Solution   Discussion   7

Correct Answer: C 🗳️

Question #600 Topic 1

Which QoS tool can you use to optimize voice traffic on a network that is primarily intended for data traffic?

  • A. WRED
  • B. FIFO
  • C. PQ
  • D. WFQ
Reveal Solution Hide Solution   Discussion   2

Correct Answer: C 🗳️

Question #601 Topic 1


Refer to the exhibit. Users on existing VLAN 100 can reach sites on the Internet. Which action must the administrator take to establish connectivity to the Internet for users in VLAN 200?

  • A. Define a NAT pool on the router.
  • B. Configure the ip nat outside command on another interface for VLAN 200
  • C. Configure static NAT translations for VLAN 200.
  • D. Update the NAT_INSIDE_RANGES ACL.
Reveal Solution Hide Solution   Discussion   2

Correct Answer: D 🗳️

Question #602 Topic 1

An organization secures its network with multi-factor authentication using an authenticator app on employee smartphones. How is the application secured in the case of a user's smartphone being lost or stolen?

  • A. The application requires the user to enter a PIN before it provides the second factor
  • B. The application requires an administrator password to reactivate after a configured interval
  • C. The application verifies that the user is in a specific location before it provides the second factor
  • D. The application challenges a user by requiring an administrator password to reactivate when the smartphone is rebooted
Reveal Solution Hide Solution   Discussion   12

Correct Answer: A 🗳️

Question #603 Topic 1

Which device performs stateful inspection of traffic?

  • A. switch
  • B. firewall
  • C. access point
  • D. wireless controller
Reveal Solution Hide Solution   Discussion   10

Correct Answer: B 🗳️

Question #604 Topic 1

A network administrator enabled port security on a switch interface connected to a printer. What is the next configuration action in order to allow the port to learn the MAC address of the printer and insert it into the table automatically?

  • A. enable dynamic MAC address learning
  • B. implement static MAC addressing
  • C. enable sticky MAC addressing
  • D. implement auto MAC address learning
Reveal Solution Hide Solution   Discussion   11

Correct Answer: C 🗳️

Question #605 Topic 1


Refer to the exhibit. An engineer booted a new switch and applied this configuration via the console port. Which additional configuration must be applied to allow administrators to authenticate directly to enable privilege mode via Telnet using a local username and password?

  • A. R1(config)#username admin R1(config-if)#line vty 0 4 R1(config-line)#password p@ss1234 R1(config-line)#transport input telnet
  • B. R1(config)#username admin privilege 15 secret p@ss1234 R1(config-if)#line vty 0 4 R1(config-line)#login local
  • C. R1(config)#username admin secret p@ss1234 R1(config-if)#line vty 0 4 R1(config-line)#login local R1(config)#enable secret p@ss1234
  • D. R1(config)#username admin R1(config-if)#line vty 0 4 R1(config-line)#password p@ss1234
Reveal Solution Hide Solution   Discussion   13

Correct Answer: B 🗳️

Question #606 Topic 1

Which effect does the aaa new-model configuration command have?

  • A. It enables AAA services on the device.
  • B. It configures the device to connect to a RADIUS server for AAA.
  • C. It associates a RADIUS server to the group.
  • D. It configures a local user on the device.
Reveal Solution Hide Solution   Discussion   6

Correct Answer: A 🗳️

Question #607 Topic 1

Refer to the exhibit. Which two events occur on the interface, if packets from an unknown Source address arrive after the interface learns the maximum number of secure MAC address? (Choose two.)

  • A. The security violation counter dose not increment
  • B. The port LED turns off
  • C. The interface is error-disabled
  • D. A syslog message is generated
  • E. The interface drops traffic from unknown MAC address
Reveal Solution Hide Solution   Discussion   8

Correct Answer: AE 🗳️

Question #608 Topic 1

Which technology must be implemented to configure network device monitoring with the highest security?

  • A. IP SLA
  • B. syslog
  • C. NetFlow
  • D. SNMPv3
Reveal Solution Hide Solution   Discussion   24

Correct Answer: D 🗳️

Question #609 Topic 1

Refer to the exhibit. Which two statements about the interface that generated the output are true? (Choose two.)

  • A. learned MAC addresses are deleted after five minutes of inactivity
  • B. the interface is error-disabled if packets arrive from a new unknown source address
  • C. it has dynamically learned two secure MAC addresses
  • D. it has dynamically learned three secure MAC addresses
  • E. the security violation counter increments if packets arrive from a new unknown source address
Reveal Solution Hide Solution   Discussion   13

Correct Answer: AC 🗳️

Question #610 Topic 1

Refer to the exhibit. Which statement about the interface that generated the output is true?

  • A. A syslog message is generated when a violation occurs.
  • B. One secure MAC address is manually configured on the interface.
  • C. One secure MAC address is dynamically learned on the interface.
  • D. Five secure MAC addresses are dynamically learned on the interface.
Reveal Solution Hide Solution   Discussion   23

Correct Answer: B 🗳️

Question #611 Topic 1


Refer to the exhibit. What is the effect of this configuration?

  • A. The switch port remains administratively down until the interface is connected to another switch.
  • B. Dynamic ARP Inspection is disabled because the ARP ACL is missing.
  • C. The switch port interface trust state becomes untrusted.
  • D. The switch port remains down until it is configured to trust or untrust incoming packets.
Reveal Solution Hide Solution   Discussion   4

Correct Answer: C 🗳️
Dynamic ARP inspection (DAI) is a security feature that validates ARP packets in a network. It intercepts, logs, and discards ARP packets with invalid IP-to-MAC address bindings. This capability protects the network from certain man-in-the-middle attacks. After enabling DAI, all ports become untrusted ports.

Question #612 Topic 1

What is the difference between AAA authentication and authorization?

  • A. Authentication identifies and verifies a user who is attempting to access a system, and authorization controls the tasks the user performs.
  • B. Authentication controls the system processes a user accesses, and authorization logs the activities the user initiates.
  • C. Authentication verifies a username and password, and authorization handles the communication between the authentication agent and the user database.
  • D. Authentication identifies a user who is attempting to access a system, and authorization validates the user's password.
Reveal Solution Hide Solution   Discussion   4

Correct Answer: A 🗳️
AAA stands for Authentication, Authorization and Accounting.
✑ Authentication: Specify who you are (usually via login username & password)
✑ Authorization: Specify what actions you can do, what resource you can access
✑ Accounting: Monitor what you do, how long you do it (can be used for billing and auditing)
An example of AAA is shown below:
✑ Authentication: ג€I am a normal user. My username/password is user_tom/learnforeverג€
✑ Authorization: ג€user_tom can access LearnCCNA server via HTTP and FTPג€
✑ Accounting: ג€user_tom accessed LearnCCNA server for 2 hoursג€. This user only uses ג€showג€ commands.

Question #613 Topic 1

When configuring a WLAN with WPA2 PSK in the Cisco Wireless LAN Controller GUI, which two formats are available to select? (Choose two.)

  • A. decimal
  • B. ASCII
  • C. hexadecimal
  • D. binary
  • E. base64
Reveal Solution Hide Solution   Discussion   4

Correct Answer: BC 🗳️
Reference:
https://www.cisco.com/c/en/us/td/docs/wireless/controller/9800/config-guide/b_wl_16_10_cg/multi-preshared-key.pdf

Question #614 Topic 1

DRAG DROP -
Drag and drop the AAA functions from the left onto the correct AAA services on the right.
Select and Place:

Reveal Solution Hide Solution   Discussion   1

Correct Answer:

Question #615 Topic 1

An engineer is asked to protect unused ports that are configured in the default VLAN on a switch. Which two steps will fulfill the request? (Choose two.)

  • A. Configure the ports as trunk ports.
  • B. Enable the Cisco Discovery Protocol.
  • C. Configure the port type as access and place in VLAN 99.
  • D. Administratively shut down the ports.
  • E. Configure the ports in an EtherChannel.
Reveal Solution Hide Solution   Discussion   15

Correct Answer: CD 🗳️

Question #616 Topic 1

An email user has been lured into clicking a link in an email sent by their company's security organization. The webpage that opens reports that it was safe, but the link may have contained malicious code.
Which type of security program is in place?

  • A. user awareness
  • B. brute force attack
  • C. physical access control
  • D. social engineering attack
Reveal Solution Hide Solution   Discussion   12

Correct Answer: A 🗳️
This is a training program which simulates an attack, not a real attack (as it says ג€The webpage that opens reports that it was safeג€) so we believed it should be called a ג€user awarenessג€ program. Therefore the best answer here should be ג€user awarenessג€. This is the definition of ג€User awarenessג€ from CCNA 200-301
Offical Cert Guide Book:
ג€User awareness: All users should be made aware of the need for data confidentiality to protect corporate information, as well as their own credentials and personal information. They should also be made aware of potential threats, schemes to mislead, and proper procedures to report security incidents. ג€
Note: Physical access control means infrastructure locations, such as network closets and data centers, should remain securely locked.

Question #617 Topic 1

DRAG DROP -
Drag and drop the Cisco Wireless LAN Controller security settings from the left onto the correct security mechanism categories on the right.
Select and Place:

Reveal Solution Hide Solution   Discussion   2

Correct Answer:
Layer 2 Security Mechanism includes WPA+WPA2, 802.1X, Static WEP, CKIP while Layer 3 Security Mechanisms (for WLAN) includes IPSec, VPN Pass-
Through, Web Passthrough ג€¦
Reference:
https://www.cisco.com/c/en/us/support/docs/wireless/4400-series-wireless-lan-controllers/106082-wlc-compatibility-matrix.html

Question #618 Topic 1

Which feature on the Cisco Wireless LAN Controller when enabled restricts management access from specific networks?

  • A. TACACS
  • B. CPU ACL
  • C. Flex ACL
  • D. RADIUS
Reveal Solution Hide Solution   Discussion   8

Correct Answer: B 🗳️
Whenever you want to control which devices can talk to the main CPU, a CPU ACL is used.
Note: CPU ACLs only filter traffic towards the CPU, and not any traffic exiting or generated by the CPU.
Reference:
https://www.cisco.com/c/en/us/support/docs/wireless/4400-series-wireless-lan-controllers/109669-secure-wlc.html

Question #619 Topic 1

Which set of actions satisfy the requirement for multifactor authentication?

  • A. The user enters a user name and password, and then re-enters the credentials on a second screen.
  • B. The user swipes a key fob, then clicks through an email link.
  • C. The user enters a user name and password, and then clicks a notification in an authentication app on a mobile device.
  • D. The user enters a PIN into an RSA token, and then enters the displayed RSA key on a login screen.
Reveal Solution Hide Solution   Discussion   6

Correct Answer: C 🗳️
This is an example of how two-factor authentication (2FA) works:
1. The user logs in to the website or service with their username and password.
2. The password is validated by an authentication server and, if correct, the user becomes eligible for the second factor.
3. The authentication server sends a unique code to the user's second-factor method (such as a smartphone app).
4. The user confirms their identity by providing the additional authentication for their second-factor method.

Question #620 Topic 1

Which configuration is needed to generate an RSA key for SSH on a router?

  • A. Configure VTY access.
  • B. Configure the version of SSH.
  • C. Assign a DNS domain name.
  • D. Create a user with a password.
Reveal Solution Hide Solution   Discussion   14

Correct Answer: C 🗳️

Question #621 Topic 1


Refer to the exhibit. An extended ACL has been configured and applied to router R2. The configuration failed to work as intended.
Which two changes stop outbound traffic on TCP ports 25 and 80 to 10.0.20.0/26 from the 10.0.10.0/26 subnet while still allowing all other traffic? (Choose two.)

  • A. Add a ג€permit ip any anyג€ statement at the end of ACL 101 for allowed traffic.
  • B. Add a ג€permit ip any anyג€ statement to the beginning of ACL 101 for allowed traffic.
  • C. The ACL must be moved to the Gi0/1 interface outbound on R2.
  • D. The source and destination IPs must be swapped in ACL 101.
  • E. The ACL must be configured the Gi0/2 interface inbound on R1.
Reveal Solution Hide Solution   Discussion   16

Correct Answer: AD 🗳️

Question #622 Topic 1

An engineer must configure a WLAN using the strongest encryption type for WPA2-PSK. Which cipher fulfills the configuration requirement?

  • A. WEP
  • B. AES
  • C. RC4
  • D. TKIP
Reveal Solution Hide Solution   Discussion   2

Correct Answer: B 🗳️
Many routers provide WPA2-PSK (TKIP), WPA2-PSK (AES), and WPA2-PSK (TKIP/AES) as options. TKIP is actually an older encryption protocol introduced with
WPA to replace the very-insecure WEP encryption at the time. TKIP is actually quite similar to WEP encryption. TKIP is no longer considered secure, and is now deprecated. In other words, you shouldn't be using it.
AES is a more secure encryption protocol introduced with WPA2 and it is currently the strongest encryption type for WPA2-PSK/.

Question #623 Topic 1

DRAG DROP -
Drag and drop the attack-mitigation techniques from the left onto the types of attack that they mitigate on the right.
Select and Place:

Reveal Solution Hide Solution   Discussion   16

Correct Answer:

Question #624 Topic 1

Refer to the exhibit. Which configuration for RTR-1 denies SSH access from PC-1 to any RTR-1 interface and allows all other traffic?

A.

B.

C.

D.

Reveal Solution Hide Solution   Discussion   24

Correct Answer: B

Question #625 Topic 1

While examining excessive traffic on the network, it is noted that all incoming packets on an interface appear to be allowed even though an IPv4 ACL is applied to the interface. Which two misconfigurations cause this behavior? (Choose two.)

  • A. The ACL is empty
  • B. A matching permit statement is too broadly defined
  • C. The packets fail to match any permit statement
  • D. A matching deny statement is too high in the access list
  • E. A matching permit statement is too high in the access list
Reveal Solution Hide Solution   Discussion   39

Correct Answer: BE 🗳️
Traffic might be permitted if the permit statement is too braid, meaning that you are allowing more traffic than what is specifically needed, or if the matching permit statement is placed ahead of the deny traffic. Routers will look at traffic and compare it to the ACL and once a match is found, the router acts accordingly to that rule.

Question #626 Topic 1

The service password-encryption command is entered on a router. What is the effect of this configuration?

  • A. restricts unauthorized users from viewing clear-text passwords in the running configuration
  • B. prevents network administrators from configuring clear-text passwords
  • C. protects the VLAN database from unauthorized PC connections on the switch
  • D. encrypts the password exchange when a VPN tunnel is established
Reveal Solution Hide Solution   Discussion   4

Correct Answer: A 🗳️

Question #627 Topic 1

Which WPA3 enhancement protects against hackers viewing traffic on the Wi-Fi network?

  • A. SAE encryption
  • B. TKIP encryption
  • C. scrambled encryption key
  • D. AES encryption
Reveal Solution Hide Solution   Discussion   15

Correct Answer: A 🗳️

Question #628 Topic 1

Refer to the exhibit. If the network environment is operating normally, which type of device must be connected to interface fastethernet 0/1?

  • A. DHCP client
  • B. access point
  • C. router
  • D. PC
Reveal Solution Hide Solution   Discussion   13

Correct Answer: C 🗳️

Question #629 Topic 1

Refer to the exhibit. An administrator configures four switches for local authentication using passwords that are stored as a cryptographic hash. The four switches must also support SSH access for administrators to manage the network infrastructure. Which switch is configured correctly to meet these requirements?

  • A. SW1
  • B. SW2
  • C. SW3
  • D. SW4
Reveal Solution Hide Solution   Discussion   8

Correct Answer: C 🗳️

Question #630 Topic 1


Refer to the exhibit. What is the effect of this configuration?

  • A. The switch discards all ingress ARP traffic with invalid MAC-to-IP address bindings.
  • B. All ARP packets are dropped by the switch.
  • C. Egress traffic is passed only if the destination is a DHCP server.
  • D. All ingress and egress traffic is dropped because the interface is untrusted.
Reveal Solution Hide Solution   Discussion   6

Correct Answer: A 🗳️
Dynamic ARP inspection is an ingress security feature; it does not perform any egress checking.

Question #631 Topic 1

When a site-to-site VPN is used, which protocol is responsible for the transport of user data?

  • A. IPsec
  • B. IKEv1
  • C. MD5
  • D. IKEv2
Reveal Solution Hide Solution   Discussion   1

Correct Answer: A 🗳️
A site-to-site VPN allows offices in multiple fixed locations to establish secure connections with each other over a public network such as the Internet. A site-to-site
VPN means that two sites create a VPN tunnel by encrypting and sending data between two devices. One set of rules for creating a site-to-site VPN is defined by
IPsec.

Question #632 Topic 1

Which type of wireless encryption is used for WPA2 in preshared key mode?

  • A. AES-128
  • B. TKIP with RC4
  • C. AES-256
  • D. RC4
Reveal Solution Hide Solution   Discussion   16

Correct Answer: C 🗳️
We can see in this picture we have to type 64 hexadecimal characters (256 bit) for the WPA2 passphrase so we can deduce the encryption is AES-256, not AES-
128.

Reference:
https://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-lan-wlan/67134-wpa2-config.html

Question #633 Topic 1

DRAG DROP -
Drag and drop the threat-mitigation techniques from the left onto the types of threat or attack they mitigate on the right.
Select and Place:

Reveal Solution Hide Solution   Discussion   2

Correct Answer:
Double-Tagging attack:

In this attack, the attacking computer generates frames with two 802.1Q tags. The first tag matches the native VLAN of the trunk port (VLAN 10 in this case), and the second matches the VLAN of a host it wants to attack (VLAN 20).
When the packet from the attacker reaches Switch A, Switch A only sees the first VLAN 10 and it matches with its native VLAN 10 so this VLAN tag is removed.
Switch A forwards the frame out all links with the same native VLAN 10. Switch B receives the frame with an tag of VLAN 20 so it removes this tag and forwards out to the Victim computer.
Note: This attack only works if the trunk (between two switches) has the same native VLAN as the attacker.
To mitigate this type of attack, you can use VLAN access control lists (VACLs, which applies to all traffic within a VLAN. We can use VACL to drop attacker traffic to specific victims/servers) or implement Private VLANs.
ARP attack (like ARP poisoning/spoofing) is a type of attack in which a malicious actor sends falsified ARP messages over a local area network as ARP allows a gratuitous reply from a host even if an ARP request was not received. This results in the linking of an attacker's MAC address with the IP address of a legitimate computer or server on the network. This is an attack based on ARP which is at Layer 2. Dynamic ARP inspection (DAI) is a security feature that validates ARP packets in a network which can be used to mitigate this type of attack.

Question #634 Topic 1

Which command prevents passwords from being stored in the configuration as plain text on a router or switch?

  • A. enable secret
  • B. enable password
  • C. service password-encryption
  • D. username cisco password encrypt
Reveal Solution Hide Solution   Discussion   5

Correct Answer: C 🗳️

Question #635 Topic 1


Refer to the exhibit. A network engineer must block access for all computers on VLAN 20 to the web server via HTTP. All other computers must be able to access the web server. Which configuration when applied to switch A accomplishes the task?
A.

B.

C.

D.

Reveal Solution Hide Solution   Discussion   6

Correct Answer: D

Question #636 Topic 1

In which two ways does a password manager reduce the chance of a hacker stealing a user's password? (Choose two.)

  • A. It encourages users to create stronger passwords
  • B. It uses an internal firewall to protect the password repository from unauthorized access
  • C. It stores the password repository on the local workstation with built-in antivirus and anti-malware functionality
  • D. It automatically provides a second authentication factor that is unknown to the original user
  • E. It protects against keystroke logging on a compromised device or web site
Reveal Solution Hide Solution   Discussion   9

Correct Answer: AE 🗳️

Question #637 Topic 1

Which goal is achieved by the implementation of private IPv4 addressing on a network?

  • A. provides an added level of protection against Internet exposure
  • B. provides a reduction in size of the forwarding table on network routers
  • C. allows communication across the Internet to other private networks
  • D. allows servers and workstations to communicate across public network boundaries
Reveal Solution Hide Solution   Discussion   13

Correct Answer: A 🗳️

Question #638 Topic 1

Which type of attack is mitigated by dynamic ARP inspection?

  • A. DDoS
  • B. malware
  • C. man-in-the-middle
  • D. worm
Reveal Solution Hide Solution   Discussion   3

Correct Answer: C 🗳️

Question #639 Topic 1

What is a function of a remote access VPN?

  • A. establishes a secure tunnel between two branch sites
  • B. uses cryptographic tunneling to protect the privacy of data for multiple users simultaneously
  • C. used exclusively when a user is connected to a company's internal network
  • D. allows the users to access company internal network resources through a secure tunnel
Reveal Solution Hide Solution   Discussion   3

Correct Answer: D 🗳️

Question #640 Topic 1

What are two recommendations for protecting network ports from being exploited when located in an office space outside of an IT closet? (Choose two.)

  • A. enable the PortFast feature on ports
  • B. configure static ARP entries
  • C. configure ports to a fixed speed
  • D. implement port-based authentication
  • E. shut down unused ports
Reveal Solution Hide Solution   Discussion   4

Correct Answer: DE 🗳️

Question #641 Topic 1


Refer to the exhibit. A network administrator must permit SSH access to remotely manage routers in a network. The operations team resides on the 10.20.1.0/25 network. Which command will accomplish this task?

  • A. access-list 2699 permit udp 10.20.1.0 0.0.0.255
  • B. no access-list 2699 deny tcp any 10.20.1.0 0.0.0.127 eq 22
  • C. access-list 2699 permit tcp any 10.20.1.0 0.0.0.255 eq 22
  • D. no access-list 2699 deny ip any 10.20.1.0 0.0.0.255
Reveal Solution Hide Solution   Discussion   8

Correct Answer: D 🗳️
Already a statement is there in last to allow SSH Traffic for network 10.20.1.0 0.0.0.127, but Second statement says deny ip any 10.20.1.0 0.0.0.255, so how it will work once it is denied. So the right answer is remove the --- no access-list 2699 deny ip any 10.20.1.0 0.0.0.255.

Question #642 Topic 1

A port security violation has occurred on a switch port due to the maximum MAC address count being exceeded. Which command must be configured to increment the security-violation count and forward an SNMP trap?

  • A. switchport port-security violation access
  • B. switchport port-security violation protect
  • C. switchport port-security violation restrict
  • D. switchport port-security violation shutdown
Reveal Solution Hide Solution   Discussion   11

Correct Answer: C 🗳️
Reference:
https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/12-2/25ew/configuration/guide/conf/port_sec.html

Question #643 Topic 1

What is a practice that protects a network from VLAN hopping attacks?

  • A. Enable dynamic ARP inspection
  • B. Configure an ACL to prevent traffic from changing VLANs
  • C. Change native VLAN to an unused VLAN ID
  • D. Implement port security on internet-facing VLANs
Reveal Solution Hide Solution   Discussion   3

Correct Answer: C 🗳️

Question #644 Topic 1

Where does a switch maintain DHCP snooping information?

  • A. In the CAM table
  • B. In the frame forwarding database
  • C. In the MAC address table
  • D. In the binding database
Reveal Solution Hide Solution   Discussion   6

Correct Answer: D 🗳️

Question #645 Topic 1

A network administrator must configure SSH for remote access to router R1. The requirement is to use a public and private key pair to encrypt management traffic to and from the connecting client. Which configuration, when applied, meets the requirements?

  • A. R1#enable R1#configure terminal R1(config)#ip domain-name cisco.com R1(config)#crypto key generate ec keysize 1024
  • B. R1#enable R1#configure terminal R1(config)#ip domain-name cisco.com R1(config)#crypto key generate ec keysize 2048
  • C. R1#enable R1#configure terminal R1(config)#ip domain-name cisco.com R1(config)#crypto key encrypt rsa name myKey
  • D. R1#enable R1#configure terminal R1(config)#ip domain-name cisco.com R1(config)#crypto key generate rsa modulus 1024
Reveal Solution Hide Solution   Discussion   2

Correct Answer: D 🗳️

Question #646 Topic 1

When a WLAN with WPA2 PSK is configured in the Wireless LAN Controller GUI, which format is supported?

  • A. decimal
  • B. ASCII
  • C. unicode
  • D. base64
Reveal Solution Hide Solution   Discussion   1

Correct Answer: B 🗳️

Question #647 Topic 1


Refer to the exhibit. A network administrator has been tasked with securing VTY access to a router. Which access-list entry accomplishes this task?

  • A. access-list 101 permit tcp 10.1.1.0 0.0.0.255 172.16.1.0 0.0.0.255 eq telnet
  • B. access-list 101 permit tcp 10.1.1.0 0.0.0.255 172.16.1.0 0.0.0.255 eq scp
  • C. access-list 101 permit tcp 10.1.1.0 0.0.0.255 172.16.1.0 0.0.0.255 eq https
  • D. access-list 101 permit tcp 10.1.1.0 0.0.0.255 172.16.1.0 0.0.0.255 eq ssh
Reveal Solution Hide Solution   Discussion   34

Correct Answer: D 🗳️

Question #648 Topic 1

Which two protocols must be disabled to increase security for management connections to a Wireless LAN Controller? (Choose two.)

  • A. HTTPS
  • B. SSH
  • C. HTTP
  • D. Telnet
  • E. TFTP
Reveal Solution Hide Solution   Discussion   3

Correct Answer: CD 🗳️

Question #649 Topic 1

Which security program element involves installing badge readers on data-center doors to allow workers to enter and exit based on their job roles?

  • A. physical access control
  • B. biometrics
  • C. role-based access control
  • D. multifactor authentication
Reveal Solution Hide Solution   Discussion   5

Correct Answer: A 🗳️

Question #650 Topic 1

Which function is performed by DHCP snooping?

  • A. listens to multicast traffic for packet forwarding
  • B. rate-limits certain traffic
  • C. propagates VLAN information between switches
  • D. provides DDoS mitigation
Reveal Solution Hide Solution   Discussion   14

Correct Answer: B 🗳️

Question #651 Topic 1

DRAG DROP -
An engineer is configuring an encrypted password for the enable command on a router where the local user database has already been configured. Drag and drop the configuration commands from the left into the correct sequence on the right. Not all commands are used.
Select and Place:

Reveal Solution Hide Solution   Discussion   20

Correct Answer:

Question #652 Topic 1

Which protocol is used for secure remote CLI access?

  • A. Telnet
  • B. HTTP
  • C. HTTPS
  • D. SSH
Reveal Solution Hide Solution   Discussion  

Correct Answer: D 🗳️

Question #653 Topic 1

Which implementation provides the strongest encryption combination for the wireless environment?

  • A. WEP
  • B. WPA + TKIP
  • C. WPA + AES
  • D. WPA2 + AES
Reveal Solution Hide Solution   Discussion  

Correct Answer: D 🗳️

Question #654 Topic 1

What does physical access control regulate?

  • A. access to networking equipment and facilities
  • B. access to servers to prevent malicious activity
  • C. access to specific networks based on business function
  • D. access to computer networks and file systems
Reveal Solution Hide Solution   Discussion   2

Correct Answer: A 🗳️

Question #655 Topic 1

A network engineer is asked to configure VLANS 2, 3, and 4 for a new implementation. Some ports must be assigned to the new VLANS with unused ports remaining. Which action should be taken for the unused ports?

  • A. configure in a nondefault native VLAN
  • B. configure ports in the native VLAN
  • C. configure ports in a black hole VLAN
  • D. configure ports as access ports
Reveal Solution Hide Solution   Discussion   10

Correct Answer: C 🗳️

Question #656 Topic 1

When a WPA2-PSK WLAN is configured in the Wireless LAN Controller, what is the minimum number of characters that is required in ASCII format?

  • A. 6
  • B. 8
  • C. 12
  • D. 18
Reveal Solution Hide Solution   Discussion   1

Correct Answer: B 🗳️

Question #657 Topic 1

What mechanism carries multicast traffic between remote sites and supports encryption?

  • A. ISATAP
  • B. IPsec over ISATAP
  • C. GRE
  • D. GRE over IPsec
Reveal Solution Hide Solution   Discussion   8

Correct Answer: D 🗳️

Question #658 Topic 1


Refer to the exhibit. An access-list is required to permit traffic from any host on interface Gi0/0 and deny traffic from interface Gi0/1. Which access list must be applied?

  • A. ip access-list standard 99 permit 10.100.100.0 0.0.0.255 deny 192.168.0.0 0.0.255.255
  • B. ip access-list standard 99 permit 10.100.100.0 0.0.0.255 deny 192.168.0.0 0.255.255.255
  • C. ip access-list standard 199 permit 10.100.100.0 0.0.0.255 deny 192.168.0.0 0.255.255.255
  • D. ip access-list standard 199 permit 10.100.100.0 0.0.0.255 deny 192.168.0.0 0.0.255.255
Reveal Solution Hide Solution   Discussion   7

Correct Answer: A 🗳️

Question #659 Topic 1


Refer to the exhibit. Which two commands must be configured on router R1 to enable the router to accept secure remote-access connections? (Choose two.)

  • A. ip ssh pubkey-chain
  • B. username cisco password 0 cisco
  • C. crypto key generate rsa
  • D. transport input telnet
  • E. login console
Reveal Solution Hide Solution   Discussion   10

Correct Answer: BC 🗳️

Question #660 Topic 1

Which service is missing when RADIUS is selected to provide management access to the WLC?

  • A. authorization
  • B. authentication
  • C. accounting
  • D. confidentiality
Reveal Solution Hide Solution   Discussion   7

Correct Answer: D 🗳️
Remote Authentication Dial-In User Service (RADIUS) is a networking protocol that provides centralized authentication, authorization, and accounting (AAA) management for users who connect and use a network service.
With RADIUS only the password is encrypted while the other information such as username, accounting information, etc are not encrypted. Encryption is "the process of converting information or data into a code, especially to prevent unauthorized access". So since RADIUS only encrypts the passwords, there is no confidentiality.

Question #661 Topic 1

Which action implements physical access control as part of the security program of an organization?

  • A. setting up IP cameras to monitor key infrastructure
  • B. configuring a password for the console port
  • C. backing up syslogs at a remote location
  • D. configuring enable passwords on network devices
Reveal Solution Hide Solution   Discussion   24

Correct Answer: B 🗳️

Question #662 Topic 1

Which field within the access-request packet is encrypted by RADIUS?

  • A. authorized services
  • B. password
  • C. authenticator
  • D. username
Reveal Solution Hide Solution   Discussion   1

Correct Answer: B 🗳️
Reference:
https://www.cisco.com/c/en/us/support/docs/security-vpn/remote-authentication-dial-user-service-radius/12433-32.html

Question #663 Topic 1

A Cisco engineer is configuring a factory-default router with these three passwords:
✑ The user EXEC password for console access is p4ssw0rd1.
✑ The user EXEC password for Telnet access is s3cr3t2.
✑ The password for privileged EXEC mode is priv4t3p4ss.
Which command sequence must the engineer configure?

  • A. enable secret priv4t3p4ss ! line con 0 password p4ssw0rd1 ! line vty 0 15 password s3cr3t2
  • B. enable secret priv4t3p4ss ! line con 0 password p4ssw0rd1 login ! line vty 0 15 password s3cr3t2 login
  • C. enable secret priv4t3p4ss ! line con 0 password login p4ssw0rd1 ! line vty 0 15 password login s3cr3t2 login
  • D. enable secret privilege 15 priv4t3p4ss ! line con 0 password p4ssw0rd1 login ! line vty 0 15 password s3cr3t2 login
Reveal Solution Hide Solution   Discussion   21

Correct Answer: D 🗳️

Question #665 Topic 1

DRAG DROP -
An engineer is tasked to configure a switch with port security to ensure devices that forward unicasts, multicasts, and broadcasts are unable to flood the port. The port must be configured to permit only two random MAC addresses at a time. Drag and drop the required configuration commands from the left onto the sequence on the right. Not all commands are used.
Select and Place:

Reveal Solution Hide Solution   Discussion   27

Correct Answer:

Question #666 Topic 1

What is a function of Opportunistic Wireless Encryption in an environment?

  • A. provide authentication
  • B. protect traffic on open networks
  • C. offer compression
  • D. increase security by using a WEP connection
Reveal Solution Hide Solution   Discussion   2

Correct Answer: B 🗳️
Reference:
https://www.cisco.com/c/en/us/td/docs/wireless/controller/9800/16-12/config-guide/b_wl_16_12_cg/wpa3.html

Question #667 Topic 1

DRAG DROP -
Drag and drop the AAA features from the left onto the corresponding AAA security services on the right. Not all options are used.
Select and Place:

Reveal Solution Hide Solution   Discussion   5

Correct Answer:

Question #668 Topic 1


Refer to the exhibit. Clients on the WLAN are required to use 802.11r. What action must be taken to meet the requirement?

  • A. Under Protected Management Frames, set the PMF option to Required.
  • B. Enable CCKM under Authentication Key Management.
  • C. Set the Fast Transition option and the WPA gtk-randomize State to disable.
  • D. Set the Fast Transition option to Enable and enable FT 802.1X under Authentication Key Management.
Reveal Solution Hide Solution   Discussion   5

Correct Answer: D 🗳️

Question #669 Topic 1


Refer to the exhibit. What must be configured to enable 802.11w on the WLAN?

  • A. Set Fast Transition to Enabled.
  • B. Enable WPA Policy.
  • C. Set PMF to Required.
  • D. Enable MAC Filtering.
Reveal Solution Hide Solution   Discussion   16

Correct Answer: B 🗳️
Reference:
https://www.cisco.com/c/en/us/td/docs/wireless/controller/5700/software/release/3se/wlan/configuration_guide/b_wlan_3se_5700_cg/ b_wlan_3se_5700_cg_chapter_01000.pdf

Question #670 Topic 1

Which encryption method is used by WPA3?

  • A. TKIP
  • B. AES
  • C. SAE
  • D. PSK
Reveal Solution Hide Solution   Discussion   10

Correct Answer: C 🗳️

Question #671 Topic 1

Which type of traffic is sent with pure IPsec?

  • A. multicast traffic from a server at one site to hosts at another location
  • B. broadcast packets from a switch that is attempting to locate a MAC address at one of several remote sites
  • C. unicast messages from a host at a remote site to a server at headquarters
  • D. spanning-tree updates between switches that are at two different sites
Reveal Solution Hide Solution   Discussion   2

Correct Answer: C 🗳️

Question #672 Topic 1

How does authentication differ from authorization?

  • A. Authentication is used to record what resource a user accesses, and authorization is used to determine what resources a user can access.
  • B. Authentication verifies the identity of a person accessing a network, and authorization determines what resource a user can access.
  • C. Authentication is used to determine what resources a user is allowed to access, and authorization is used to track what equipment is allowed access to the network.
  • D. Authentication is used to verify a person's identity, and authorization is used to create syslog messages for logins.
Reveal Solution Hide Solution   Discussion   2

Correct Answer: B 🗳️

Question #673 Topic 1

An engineer has configured the domain name, user name, and password on the local router. What is the next step to complete the configuration for a Secure Shell access RSA key?

  • A. crypto key import rsa pem
  • B. crypto key generate rsa
  • C. crypto key zeroize rsa
  • D. crypto key pubkey-chain rsa
Reveal Solution Hide Solution   Discussion   2

Correct Answer: B 🗳️

Question #674 Topic 1

Which type if network attack overwhelms the target server by sending multiple packets to a port until the half-open TCP resources of the target are exhausted?

  • A. SYN flood
  • B. reflection
  • C. teardrop
  • D. amplification
Reveal Solution Hide Solution   Discussion   2

Correct Answer: A 🗳️

Question #675 Topic 1

Which two components comprise part of a PKI? (Choose two.)

  • A. preshared key that authenticates connections
  • B. one or more CRLs
  • C. RSA token
  • D. CA that grants certificates
  • E. clear-text password that authenticates connections
Reveal Solution Hide Solution   Discussion   5

Correct Answer: CD 🗳️

Question #676 Topic 1

DRAG DROP -
Drag and drop the descriptions of AAA services from the left onto the corresponding services on the right.
Select and Place:

Reveal Solution Hide Solution   Discussion   2

Correct Answer:

Question #677 Topic 1

After a recent security breach and a RADIUS failure, an engineer must secure the console port of each enterprise router with a local username and password.
Which configuration must the engineer apply to accomplish this task?

  • A. aaa new-model line con 0 password plaintextpassword privilege level 15
  • B. aaa new-model aaa authorization exec default local aaa authentication login default radius username localuser privilege 15 secret plaintextpassword
  • C. username localuser secret plaintextpassword line con 0 no login local privilege level 15
  • D. username localuser secret plaintextpassword line con 0 login authentication default privilege level 15
Reveal Solution Hide Solution   Discussion   9

Correct Answer: A 🗳️

Question #678 Topic 1

Which wireless security protocol relies on Perfect Forward Secrecy?

  • A. WEP
  • B. WPA2
  • C. WPA
  • D. WPA3
Reveal Solution Hide Solution   Discussion   14

Correct Answer: A 🗳️

Question #679 Topic 1

What is a zero-day exploit?

  • A. It is when the network is saturated with malicious traffic that overloads resources and bandwidth.
  • B. It is when an attacker inserts malicious code into a SQL server.
  • C. It is when a new network vulnerability is discovered before a fix is available.
  • D. It is when the perpetrator inserts itself in a conversation between two parties and captures or alters data.
Reveal Solution Hide Solution   Discussion   2

Correct Answer: C 🗳️

Question #680 Topic 1

A network engineer is replacing the switches that belong to a managed-services client with new Cisco Catalyst switches. The new switches will be configured for updated security standards including replacing.
Telnet services with encrypted connections and doubling the modulus size from 1024. Which two commands must the engineer configure on the new switches?
(Choose two.)

  • A. transport input ssh
  • B. transport input all
  • C. crypto key generate rsa modulus 2048
  • D. crypto key generate rsa general-keys modulus 1024
  • E. crypto key generate rsa usage-keys
Reveal Solution Hide Solution   Discussion   2

Correct Answer: AC 🗳️

Question #681 Topic 1

What are two examples of multifactor authentication? (Choose two.)

  • A. single sign-on
  • B. soft tokens
  • C. passwords that expire
  • D. shared password repository
  • E. unique user knowledge
Reveal Solution Hide Solution   Discussion   16

Correct Answer: BC 🗳️

Question #682 Topic 1

Which characteristic differentiates the concept of authentication from authorization and accounting?

  • A. consumption-based billing
  • B. identity verification
  • C. user-activity logging
  • D. service limitations
Reveal Solution Hide Solution   Discussion   5

Correct Answer: B 🗳️

Question #683 Topic 1

What is a function of Cisco Advanced Malware Protection for a Next-Generation IPS?

  • A. inspecting specific files and file types for malware
  • B. authorizing potentially compromised wireless traffic
  • C. authenticating end users
  • D. URL filtering
Reveal Solution Hide Solution   Discussion   1

Correct Answer: A 🗳️

Question #684 Topic 1

What is a feature of WPA?

  • A. TKIP/MIC encryption
  • B. small Wi-Fi application
  • C. preshared key
  • D. 802.1x authentication
Reveal Solution Hide Solution   Discussion   6

Correct Answer: A 🗳️

Question #685 Topic 1

Which two practices are recommended for an acceptable security posture in a network? (Choose two.)

  • A. Use a cryptographic keychain to authenticate to network devices.
  • B. Place internal email and file servers in a designated DMZ.
  • C. Back up device configurations to encrypted USB drives for secure retrieval.
  • D. Disable unused or unnecessary ports, interfaces, and services.
  • E. Maintain network equipment in a secure location.
Reveal Solution Hide Solution   Discussion   3

Correct Answer: DE 🗳️

Question #686 Topic 1

How does WPA3 improve security?

  • A. It uses SAE for authentication.
  • B. It uses RC4 for encryption.
  • C. It uses TKIP for encryption.
  • D. It uses a 4-way handshake for authentication.
Reveal Solution Hide Solution   Discussion   3

Correct Answer: A 🗳️

Question #687 Topic 1

What is a function of a Next-Generation IPS?

  • A. correlates user activity with network events
  • B. serves as a controller within a controller-based network
  • C. integrates with a RADIUS server to enforce Layer 2 device authentication rules
  • D. makes forwarding decisions based on learned MAC addresses
Reveal Solution Hide Solution   Discussion   4

Correct Answer: A 🗳️

Question #688 Topic 1

DRAG DROP -
Drag and drop the statements about AAA from the left onto the corresponding AAA services on the right. Not all options are used.
Select and Place:

Reveal Solution Hide Solution   Discussion   3

Correct Answer:

Question #689 Topic 1

DRAG DROP -
Drag and drop the elements of a security program from the left onto the corresponding descriptions on the right.
Select and Place:

Reveal Solution Hide Solution   Discussion   9

Correct Answer:

Question #690 Topic 1

Which IPsec transport mode encrypts the IP header and the payload?

  • A. pipe
  • B. transport
  • C. control
  • D. tunnel
Reveal Solution Hide Solution   Discussion   1

Correct Answer: D 🗳️

Question #691 Topic 1

What is the default port-security behavior on a trunk link?

  • A. It places the port in the err-disabled state if it learns more than one MAC address.
  • B. It causes a network loop when a violation occurs.
  • C. It disables the native VLAN configuration as soon as port security is enabled.
  • D. It places the port in the err-disabled state after 10 MAC addresses are statically configured.
Reveal Solution Hide Solution   Discussion   8

Correct Answer: A 🗳️

Question #692 Topic 1

Which device separates networks by security domains?

  • A. intrusion protection system
  • B. firewall
  • C. wireless controller
  • D. access point
Reveal Solution Hide Solution   Discussion   1

Correct Answer: B 🗳️

Question #693 Topic 1

How are VLAN hopping attacks mitigated?

  • A. manually implement trunk ports and disable DTP
  • B. configure extended VLANs
  • C. activate all ports and place in the default VLAN
  • D. enable dynamic ARP inspection
Reveal Solution Hide Solution   Discussion   3

Correct Answer: A 🗳️

Question #694 Topic 1

Which enhancements were implemented as part of WPA3?

  • A. Forward secrecy and SAE in personal mode for secure initial key exchange
  • B. 802.1x authentication and AES-128 encryption
  • C. AES-64 in personal mode and AES-128 in enterprise mode
  • D. TKIP encryption improving WEP and per-packet keying
Reveal Solution Hide Solution   Discussion   2

Correct Answer: A 🗳️

Question #695 Topic 1

When a site-to-site VPN is configured which IPsec mode provides encapsulation and encryption of the entire original IP packet?

  • A. IPsec transport mode with AH
  • B. IPsec tunnel mode with AH
  • C. IPsec transport mode with ESP
  • D. IPsec tunnel mode with ESP
Reveal Solution Hide Solution   Discussion   2

Correct Answer: D 🗳️

Question #696 Topic 1

An engineer is configuring remote access to a router from IP subnet 10.139.58.0/28. The domain name, crypto keys, and SSH have been configured. Which configuration enables the traffic on the destination router?

  • A. line vty 0 15 access-class 120 in ! ip access-list extended 120 permit tcp 10.139.58.0 0.0.0.15 any eq 22
  • B. interface FastEthernet0/0 ip address 10.122.49.1 255.255.255.252 ip access-group 10 in ! ip access-list standard 10 permit udp 10.139.58.0 0.0.0.7 host 10.122.49.1 eq 22
  • C. interface FastEthernet0/0 ip address 10.122.49.1 255.255.255.252 ip access-group 110 in ! ip access-list standard 110 permit tcp 10.139.58.0 0.0.0.15 eq 22 host 10.122.49.1
  • D. line vty 0 15 access-group 120 in ! ip access-list extended 120 permit tcp 10.139.58.0 0.0.0.15 any eq 22
Reveal Solution Hide Solution   Discussion   7

Correct Answer: A 🗳️

Question #697 Topic 1

In an SDN architecture, which function of a network node is centralized on a controller?

  • A. Creates the IP routing table
  • B. Discards a message due filtering
  • C. Makes a routing decision
  • D. Provides protocol access for remote access devices
Reveal Solution Hide Solution   Discussion   6

Correct Answer: C 🗳️
A controller, or SDN controller, centralizes the control of the networking devices. The degree of control, and the type of control, varies widely. For instance, the controller can perform all control plane functions (such as making routing decisions) replacing the devices' distributed control plane.
Reference:
https://www.ciscopress.com/articles/article.asp?p=2995354&seqNum=2#:~:text=A%20controller%2C%20or%20SDN%20controller,the%20devices'%
20distributed%20control%20plane

Question #698 Topic 1

Which management security process is invoked when a user logs in to a network device using their username and password?

  • A. authentication
  • B. auditing
  • C. accounting
  • D. authorization
Reveal Solution Hide Solution   Discussion  

Correct Answer: A 🗳️

Question #699 Topic 1


Refer to the exhibit. What are the two steps an engineer must take to provide the highest encryption and authentication using domain credentials from LDAP?
(Choose two.)

  • A. Select PSK under Authentication Key Management.
  • B. Select Static-WEP + 802.1X on Layer 2 Security.
  • C. Select WPA+WPA2 on Layer 2 Security.
  • D. Select 802.1X from under Authentication Key Management.
  • E. Select WPA Policy with TKIP Encryption.
Reveal Solution Hide Solution   Discussion   2

Correct Answer: CD 🗳️

Question #700 Topic 1

Which enhancement is implemented in WPA3?

  • A. employs PKI to identify access points
  • B. applies 802.1x authentication
  • C. uses TKIP
  • D. protects against brute force attacks
Reveal Solution Hide Solution   Discussion   5

Correct Answer: D 🗳️

Question #701 Topic 1

DRAG DROP -
Drag and drop the Cisco IOS attack mitigation features from the left onto the types of network attack they mitigate on the right.
Select and Place:

Reveal Solution Hide Solution   Discussion   11

Correct Answer:

Question #702 Topic 1


SW1 supports connectivity for a lobby conference room and must be secured. The engineer must limit the connectivity from PC1 to the SW1 and SW2 network.
The MAC addresses allowed must be limited to two. Which configuration secures the conference room connectivity?

  • A. interface gi1/0/15 switchport port-security switchport port-security maximum 2
  • B. interface gi1/0/15 switchport port-security switchport port-security mac-address 0000.abcd.0004vlan 100
  • C. interface gi1/0/15 switchport port-security mac-address 0000.abcd.0004 vlan 100
  • D. interface gi1/0/15 switchport port-security mac-address 0000.abcd.0004 vlan 100 interface switchport secure-mac limit 2
Reveal Solution Hide Solution   Discussion   4

Correct Answer: A 🗳️

Question #703 Topic 1


Refer to the exhibit. An engineer is updating the management access configuration of switch SW1 to allow secured, encrypted remote configuration. Which two commands or command sequences must the engineer apply to the switch? (Choose two.)

  • A. SW1(config)#enable secret ccnaTest123
  • B. SW1(config)#username NEW secret R3mote123
  • C. SW1(config)#line vty 0 15 SW1(config-line)#transport input ssh
  • D. SW1(config)# crypto key generate rsa
  • E. SW1(config)# interface f0/1 SW1(confif-if)# switchport mode trunk
Reveal Solution Hide Solution   Discussion   25

Correct Answer: CD 🗳️

Question #704 Topic 1

Which port security violation mode allows from valid MAC addresses to pass but blocks traffic from invalid MAC addresses?

  • A. restrict
  • B. shutdown
  • C. protect
  • D. shutdown VLAN
Reveal Solution Hide Solution   Discussion   5

Correct Answer: C 🗳️

Question #705 Topic 1

A customer wants to provide wireless access to contractors using a guest portal on Cisco ISE. The portal is also used by employees. A solution is implemented, but contractors receive a certificate error when they attempt to access the portal. Employees can access the portal without any errors. Which change must be implemented to allow the contractors and employees to access the portal?

  • A. Install an Internal CA signed certificate on the Cisco ISE.
  • B. Install a trusted third-party certificate on the Cisco ISE.
  • C. Install an internal CA signed certificate on the contractor devices.
  • D. Install a trusted third-party certificate on the contractor devices.
Reveal Solution Hide Solution   Discussion   13

Correct Answer: B 🗳️
Reference:
https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine-software/200295-Install-a-3rd-party-CA-certificate-in-IS.html

Question #706 Topic 1

Which two wireless security standards use counter mode cipher block chaining Message Authentication Code Protocol for encryption and data integrity? (Choose two.)

  • A. Wi-Fi 6
  • B. WPA3
  • C. WEP
  • D. WPA2
  • E. WPA
Reveal Solution Hide Solution   Discussion   15

Correct Answer: BC 🗳️

Question #707 Topic 1

A network engineer is implementing a corporate SSID for WPA3-Personal security with a PSK. Which encryption cipher must be configured?

  • A. CCMP128
  • B. GCMP256
  • C. CCMP256
  • D. GCMP128
Reveal Solution Hide Solution   Discussion   12

Correct Answer: A 🗳️

Question #708 Topic 1

What is a practice that protects a network from VLAN hopping attacks?

  • A. Implement port security on internet-facing VLANs
  • B. Enable dynamic ARP inspection
  • C. Assign all access ports to VLANs other than the native VLAN
  • D. Configure an ACL to prevent traffic from changing VLANs
Reveal Solution Hide Solution   Discussion   4

Correct Answer: C 🗳️

Question #709 Topic 1

An administrator must use the password complexity not manufacturer-name command to prevent users from adding `Cisco` as a password. Which command must be issued before this command?

  • A. login authentication my-auth-list
  • B. service password-encryption
  • C. password complexity enable
  • D. confreg 0x2142
Reveal Solution Hide Solution   Discussion   1

Correct Answer: C 🗳️

Question #710 Topic 1

An organization has decided to start using cloud-provided services. Which cloud service allows the organization to install its own operating system on a virtual machine?

  • A. platform-as-a-service
  • B. network-as-a-service
  • C. software-as-a-service
  • D. infrastructure-as-a-service
Reveal Solution Hide Solution   Discussion   3

Correct Answer: D 🗳️
Below are the 3 cloud supporting services cloud providers provide to customer:
✑ SaaS (Software as a Service): SaaS uses the web to deliver applications that are managed by a third-party vendor and whose interface is accessed on the clients' side. Most SaaS applications can be run directly from a web browser without any downloads or installations required, although some require plugins.
✑ PaaS (Platform as a Service): are used for applications, and other development, while providing cloud components to software. What developers gain with
PaaS is a framework they can build upon to develop or customize applications. PaaS makes the development, testing, and deployment of applications quick, simple, and cost-effective. With this technology, enterprise operations, or a third-party provider, can manage OSes, virtualization, servers, storage, networking, and the PaaS software itself. Developers, however, manage the applications.
✑ IaaS (Infrastructure as a Service): self-service models for accessing, monitoring, and managing remote datacenter infrastructures, such as compute (virtualized or bare metal), storage, networking, and networking services (e.g. firewalls). Instead of having to purchase hardware outright, users can purchase IaaS based on consumption, similar to electricity or other utility billing.
In general, IaaS provides hardware so that an organization can install their own operating system.

Question #711 Topic 1

How do traditional campus device management and Cisco DNA Center device management differ in regards to deployment?

  • A. Traditional campus device management allows a network to scale more quickly than with Cisco DNA Center device management.
  • B. Cisco DNA Center device management can deploy a network more quickly than traditional campus device management.
  • C. Cisco DNA Center device management can be implemented at a lower cost than most traditional campus device management options.
  • D. Traditional campus device management schemes can typically deploy patches and updates more quickly than Cisco DNA Center device management.
Reveal Solution Hide Solution   Discussion   10

Correct Answer: B 🗳️

Question #712 Topic 1

Which purpose does a northbound API serve in a controller-based networking architecture?

  • A. facilitates communication between the controller and the applications
  • B. reports device errors to a controller
  • C. generates statistics for network hardware and traffic
  • D. communicates between the controller and the physical network hardware
Reveal Solution Hide Solution   Discussion   3

Correct Answer: A 🗳️

Question #713 Topic 1

What benefit does controller-based networking provide versus traditional networking?

  • A. allows configuration and monitoring of the network from one centralized point
  • B. provides an added layer of security to protect from DDoS attacks
  • C. combines control and data plane functionality on a single device to minimize latency
  • D. moves from a two-tier to a three-tier network architecture to provide maximum redundancy
Reveal Solution Hide Solution   Discussion   1

Correct Answer: A 🗳️

Question #714 Topic 1

What is an advantage of Cisco DNA Center versus traditional campus device management?

  • A. It is designed primarily to provide network assurance.
  • B. It supports numerous extensibility options, including cross-domain adapters and third-party SDKs.
  • C. It supports high availability for management functions when operating in cluster mode.
  • D. It enables easy autodiscovery of network elements in a brownfield deployment.
Reveal Solution Hide Solution   Discussion   5

Correct Answer: B 🗳️

Question #715 Topic 1

DRAG DROP -
Drag and drop the characteristics of networking from the left onto the correct networking types on the right.
Select and Place:

Reveal Solution Hide Solution   Discussion   6

Correct Answer:

Question #716 Topic 1

What are two fundamentals of virtualization? (Choose two.)

  • A. It allows logical network devices to move traffic between virtual machines and the rest of the physical network.
  • B. It allows multiple operating systems and applications to run independently on one physical server.
  • C. It allows a physical router to directly connect NICs from each virtual machine into the network.
  • D. It requires that some servers, virtual machines, and network gear reside on the Internet.
  • E. The environment must be configured with one hypervisor that serves solely as a network manager to monitor SNMP traffic.
Reveal Solution Hide Solution   Discussion   14

Correct Answer: AB 🗳️

Question #717 Topic 1

How does Cisco DNA Center gather data from the network?

  • A. Devices use the call-home protocol to periodically send data to the controller
  • B. Devices establish an IPsec tunnel to exchange data with the controller
  • C. The Cisco CLI Analyzer tool gathers data from each licensed network device and streams it to the controller
  • D. Network devices use different services like SNMP, syslog, and streaming telemetry to send data to the controller
Reveal Solution Hide Solution   Discussion   5

Correct Answer: D 🗳️

Question #718 Topic 1

Which statement compares traditional networks and controller-based networks?

  • A. Only controller-based networks decouple the control plane and the data plane.
  • B. Traditional and controller-based networks abstract policies from device configurations.
  • C. Only traditional networks natively support centralized management.
  • D. Only traditional networks offer a centralized control plane.
Reveal Solution Hide Solution   Discussion   8

Correct Answer: A 🗳️
Most traditional devices use a distributed architecture, in which each control plane is resided in a networking device. Therefore, they need to communicate with each other via messages to work correctly.
In contrast to distributed architecture, centralized (or controller-based) architectures centralizes the control of networking devices into one device, called SDN controller.

Question #719 Topic 1

What are two benefits of network automation? (Choose two.)

  • A. reduced hardware footprint
  • B. reduced operational costs
  • C. faster changes with more reliable results
  • D. fewer network failures
  • E. increased network security
Reveal Solution Hide Solution   Discussion   11

Correct Answer: BC 🗳️

Question #720 Topic 1

Which two encoding methods are supported by REST APIs? (Choose two.)

  • A. SGML
  • B. YAML
  • C. XML
  • D. JSON
  • E. EBCDIC
Reveal Solution Hide Solution   Discussion   7

Correct Answer: CD 🗳️
The Application Policy Infrastructure Controller (APIC) REST API is a programmatic interface that uses REST architecture. The API accepts and returns HTTP
(not enabled by default) or HTTPS messages that contain JavaScript Object Notation (JSON) or Extensible Markup Language (XML) documents.
Reference:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/2-x/rest_cfg/2_1_x/b_Cisco_APIC_REST_API_Configuration_Guide/ b_Cisco_APIC_REST_API_Configuration_Guide_chapter_01.html

Question #721 Topic 1

What are two characteristics of a controller-based network? (Choose two.)

  • A. It uses Telnet to report system issues.
  • B. The administrator can make configuration updates from the CLI.
  • C. It uses northbound and southbound APIs to communicate between architectural layers.
  • D. It decentralizes the control plane, which allows each device to make its own forwarding decisions.
  • E. It moves the control plane to a central point.
Reveal Solution Hide Solution   Discussion   1

Correct Answer: CE 🗳️

Question #722 Topic 1

Which output displays a JSON data representation?
A.

B.

C.

D.

Reveal Solution Hide Solution   Discussion   5

Correct Answer: C
JSON data is written as name/value pairs.
A name/value pair consists of a field name (in double quotes), followed by a colon, followed by a value:
ג€nameג€:ג€Markג€
JSON can use arrays. Array values must be of type string, number, object, array, boolean or null. For example:
{
ג€nameג€:ג€Johnג€,
ג€ageג€:30,
ג€carsג€:[ ג€Fordג€, ג€BMWג€, ג€Fiatג€ ]
}
JSON can have empty object like ג€taskIdג€:{}

Question #723 Topic 1

DRAG DROP -
Drag and drop the descriptions from the left onto the configuration-management technologies on the right.
Select and Place:

Reveal Solution Hide Solution   Discussion   14

Correct Answer:
The focus of Ansible is to be streamlined and fast, and to require no node agent installation. Thus, Ansible performs all functions over SSH. Ansible is built on
Python, in contrast to the Ruby foundation of Puppet and Chef.
TCP port 10002 is the command port. It may be configured in the Chef Push Jobs configuration file . This port allows Chef Push Jobs clients to communicate with the Chef Push Jobs server.
Puppet is an open-source configuration management solution, which is built with Ruby and offers custom Domain Specific Language (DSL) and Embedded Ruby
(ERB) templates to create custom Puppet language files, offering a declarative-paradigm programming approach.
A Puppet piece of code is called a manifest, and is a file with .pp extension.

Question #724 Topic 1

Which two capabilities of Cisco DNA Center make it more extensible as compared to traditional campus device management? (Choose two.)

  • A. REST APIs that allow for external applications to interact natively
  • B. adapters that support all families of Cisco IOS software
  • C. SDKs that support interaction with third-party network equipment
  • D. modular design that is upgradable as needed
  • E. customized versions for small, medium, and large enterprises
Reveal Solution Hide Solution   Discussion   1

Correct Answer: AC 🗳️
Cisco DNA Center offers 360-degree extensibility through four distinct types of platform capabilities:
✑ Intent-based APIs leverage the controller and enable business and IT applications to deliver intent to the network and to reap network analytics and insights for
IT and business innovation.
✑ Process adapters, built on integration APIs, allow integration with other IT and network systems to streamline IT operations and processes.
✑ Domain adapters, built on integration APIs, allow integration with other infrastructure domains such as data center, WAN, and security to deliver a consistent intent-based infrastructure across the entire IT environment.
✑ SDKs allow management to be extended to third-party vendor's network devices to offer support for diverse environments.
Reference:
https://www.cisco.com/c/en/us/products/collateral/cloud-systems-management/dna-center/nb-06-dna-cent-platf-aag-cte-en.html

Question #725 Topic 1

DRAG DROP -
Drag and drop the descriptions of device management from the left onto the types of device management on the right.
Select and Place:

Reveal Solution Hide Solution   Discussion   1

Correct Answer:

Question #726 Topic 1

What software-defined architecture plane assists network devices with making packet-forwarding decisions by providing Layer 2 reachability and Layer 3 routing information?

  • A. management plane
  • B. control plane
  • C. data plane
  • D. policy plane
Reveal Solution Hide Solution   Discussion   7

Correct Answer: B 🗳️

Question #727 Topic 1

What are two benefits of controller-based networking compared to traditional networking? (Choose two.)

  • A. controller-based increases network bandwidth usage, while traditional lightens the load on the network
  • B. controller-based reduces network configuration complexity, while traditional increases the potential for errors
  • C. controller-based allows for fewer network failures, while traditional increases failure rates
  • D. controller-based provides centralization of key IT functions, while traditional requires distributed management functions
  • E. controller-based inflates software costs, while traditional decreases individual licensing costs
Reveal Solution Hide Solution   Discussion   8

Correct Answer: BD 🗳️

Question #728 Topic 1

Which type of API allows SDN controllers to dynamically make changes to the network?

  • A. northbound API
  • B. REST API
  • C. SOAP API
  • D. southbound API
Reveal Solution Hide Solution   Discussion   4

Correct Answer: D 🗳️

Question #729 Topic 1

DRAG DROP -
Drag and drop the AAA terms from the left onto the descriptions on the right.
Select and Place:

Reveal Solution Hide Solution   Discussion   8

Correct Answer:

Question #730 Topic 1

Which option about JSON is true -

  • A. uses predefined tags or angle brackets () to delimit markup text
  • B. used to describe structured data that includes arrays
  • C. used for storing information
  • D. similar to HTML, it is more verbose than XML
Reveal Solution Hide Solution   Discussion   5

Correct Answer: B 🗳️
JSON data is written as name/value pairs.
A name/value pair consists of a field name (in double quotes), followed by a colon, followed by a value:
ג€nameג€:ג€Markג€
JSON can use arrays. Array values must be of type string, number, object, array, boolean or null..
For example:
{
ג€nameג€:ג€Johnג€,
ג€ageג€:30,
ג€carsג€:[ ג€Fordג€, ג€BMWג€, ג€Fiatג€ ]
}

Question #731 Topic 1

Which option best describes an API?

  • A. a contract that describes how various components communicate and exchange data with each other
  • B. an architectural style (versus a protocol) for designing applications
  • C. a stateless client-server model
  • D. request a certain type of data by specifying the URL path that models the data
Reveal Solution Hide Solution   Discussion   15

Correct Answer: A 🗳️

Question #732 Topic 1

DRAG DROP -
Drag and drop the characteristics of a cloud environment from the left onto the correct examples on the right.
Select and Place:

Reveal Solution Hide Solution   Discussion   4

Correct Answer:

Question #733 Topic 1

Which of the following is the JSON encoding of a dictionary or hash?

  • A. {ג€keyג€: ג€valueג€}
  • B. [ג€keyג€, ג€valueג€]
  • C. {ג€keyג€, ג€valueג€}
  • D. (ג€keyג€: ג€valueג€)
Reveal Solution Hide Solution   Discussion   8

Correct Answer: A 🗳️

Question #734 Topic 1

Which role does a hypervisor provide for each virtual machine in server virtualization?

  • A. infrastructure-as-a-service
  • B. Software-as-a-service
  • C. control and distribution of physical resources
  • D. services as a hardware controller
Reveal Solution Hide Solution   Discussion   4

Correct Answer: C 🗳️

Question #735 Topic 1

What is the function of a server?

  • A. It transmits packets between hosts in the same broadcast domain.
  • B. It provides shared applications to end users.
  • C. It routes traffic between Layer 3 devices.
  • D. It ׁreates security zones between trusted and untrusted networks.
Reveal Solution Hide Solution   Discussion  

Correct Answer: B 🗳️

Question #736 Topic 1

Which CRUD operation modifies an existing table or view?

  • A. read
  • B. update
  • C. replace
  • D. create
Reveal Solution Hide Solution   Discussion   3

Correct Answer: B 🗳️

Question #737 Topic 1

In software-defined architectures, which plane is distributed and responsible for traffic forwarding?

  • A. management plane
  • B. policy plane
  • C. data plane
  • D. control plane
Reveal Solution Hide Solution   Discussion   3

Correct Answer: C 🗳️

Question #738 Topic 1

Refer to the exhibit. Which type of configuration is represented in the output?

  • A. Ansible
  • B. JSON
  • C. Chef
  • D. Puppet
Reveal Solution Hide Solution   Discussion   1

Correct Answer: D 🗳️
Reference:
https://forge.puppet.com/modules/puppetlabs/ciscopuppet/1.0.0

Question #739 Topic 1

Which configuration management mechanism uses TCP port 22 by default when communicating with managed nodes?

  • A. Ansible
  • B. Python
  • C. Puppet
  • D. Chef
Reveal Solution Hide Solution   Discussion   4

Correct Answer: A 🗳️

Question #740 Topic 1

What does an SDN controller use as a communication protocol to relay forwarding changes to a southbound API?

  • A. Java
  • B. REST
  • C. OpenFlow
  • D. XML
Reveal Solution Hide Solution   Discussion   1

Correct Answer: C 🗳️

Question #741 Topic 1

What uses HTTP messages to transfer data to applications residing on different hosts?

  • A. OpenStack
  • B. OpFlex
  • C. REST
  • D. OpenFlow
Reveal Solution Hide Solution   Discussion   2

Correct Answer: C 🗳️

Question #742 Topic 1

Which JSON data type is an unordered set of attribute-value pairs?

  • A. string
  • B. array
  • C. Boolean
  • D. object
Reveal Solution Hide Solution   Discussion   9

Correct Answer: D 🗳️

Question #743 Topic 1

Which protocol is used in Software Defined Access (SDA) to provide a tunnel between two edge nodes in different fabrics?

  • A. Generic Router Encapsulation (GRE)
  • B. Virtual Local Area Network (VLAN)
  • C. Virtual Extensible LAN (VXLAN)
  • D. Point-to-Point Protocol (PPP)
Reveal Solution Hide Solution   Discussion   8

Correct Answer: C 🗳️

Question #744 Topic 1

Which plane is centralized by an SDN controller?

  • A. management-plane
  • B. data-plane
  • C. services-plane
  • D. control-plane
Reveal Solution Hide Solution   Discussion   6

Correct Answer: D 🗳️

Question #745 Topic 1

Where is the interface between the control plane and data plane within the software-defined architecture?

  • A. application layer and the management layer
  • B. application layer and the infrastructure layer
  • C. control layer and the application layer
  • D. control layer and the infrastructure layer
Reveal Solution Hide Solution   Discussion   2

Correct Answer: D 🗳️

Question #746 Topic 1

Why would a network administrator choose to implement automation in a network environment?

  • A. To simplify the process of maintaining a consistent configuration state across all devices
  • B. To centralize device information storage
  • C. To implement centralized user account management
  • D. To deploy the management plane separately from the rest of the network
Reveal Solution Hide Solution   Discussion  

Correct Answer: A 🗳️

Question #747 Topic 1

Which two events occur automatically when a device is added to Cisco DNA Center? (Choose two.)

  • A. The device is placed into the Managed state.
  • B. The device is placed into the Unmanaged state.
  • C. The device is assigned to the Local site.
  • D. The device is assigned to the Global site.
  • E. The device is placed into the Provisioned state.
Reveal Solution Hide Solution   Discussion   8

Correct Answer: AD 🗳️

Question #748 Topic 1

Which two components are needed to create an Ansible script that configures a VLAN on a switch? (Choose two.)

  • A. playbook
  • B. recipe
  • C. model
  • D. cookbook
  • E. task
Reveal Solution Hide Solution   Discussion   7

Correct Answer: AE 🗳️

Question #749 Topic 1

In software-defined architecture, which plane handles switching for traffic through a Cisco router?

  • A. control
  • B. data
  • C. management
  • D. application
Reveal Solution Hide Solution   Discussion   3

Correct Answer: B 🗳️

Question #750 Topic 1

What are two southbound APIs? (Choose two.)

  • A. Thrift
  • B. DSC
  • C. CORBA
  • D. NETCONF
  • E. OpenFlow
Reveal Solution Hide Solution   Discussion   2

Correct Answer: DE 🗳️
OpenFlow is a well-known southbound API. OpenFlow defines the way the SDN Controller should interact with the forwarding plane to make adjustments to the network, so it can better adapt to changing business requirements.
The Network Configuration Protocol (NetConf) uses Extensible Markup Language (XML) to install, manipulate and delete configuration to network devices.
Other southbound APIs are:
ג€¢ onePK: a Cisco proprietary SBI to inspect or modify the network element configuration without hardware upgrades.
ג€¢ OpFlex: an open-standard, distributed control system. It send ג€summary policyג€ to network elements.

Question #751 Topic 1

What makes Cisco DNA Center different from traditional network management applications and their management of networks?

  • A. Its modular design allows the implementation of different versions to meet the specific needs of an organization.
  • B. It only supports auto-discovery of network elements in a greenfield deployment.
  • C. It omits support high availability of management functions when operating in cluster mode.
  • D. It abstracts policy from the actual device configuration.
Reveal Solution Hide Solution   Discussion   21

Correct Answer: D 🗳️

Question #752 Topic 1

Which API is used in controller-based architectures to interact with edge devices?

  • A. southbound
  • B. overlay
  • C. northbound
  • D. underlay
Reveal Solution Hide Solution   Discussion   3

Correct Answer: A 🗳️

Question #753 Topic 1

DRAG DROP -
Drag and drop the statements about networking from the left onto the corresponding networking types on the right.
Select and Place:

Reveal Solution Hide Solution   Discussion   3

Correct Answer:

Question #754 Topic 1


Refer to the exhibit. What is represented beginning with line 1 and ending with line 5?

  • A. object
  • B. value
  • C. key
  • D. array
Reveal Solution Hide Solution   Discussion   12

Correct Answer: A 🗳️

Question #755 Topic 1

Which CRUD operation corresponds to the HTTP GET method?

  • A. create
  • B. read
  • C. delete
  • D. update
Reveal Solution Hide Solution   Discussion   1

Correct Answer: B 🗳️
Reference:
https://hub.packtpub.com/crud-operations-rest/

Question #756 Topic 1

What differentiates device management enabled by Cisco DNA Center from traditional campus device management?

  • A. CLI-oriented device
  • B. centralized
  • C. device-by-device hands-on
  • D. per-device
Reveal Solution Hide Solution   Discussion   1

Correct Answer: B 🗳️

Question #757 Topic 1

DRAG DROP -
Drag and drop the statements about networking from the left onto the corresponding networking types on the right.
Select and Place:

Reveal Solution Hide Solution   Discussion   4

Correct Answer:

Question #758 Topic 1

Which two REST API status-code classes represent errors? (Choose two.)

  • A. 1XX
  • B. 2XX
  • C. 3XX
  • D. 4XX
  • E. 5XX
Reveal Solution Hide Solution   Discussion   4

Correct Answer: DE 🗳️

Question #759 Topic 1

How do servers connect to the network in a virtual environment?

  • A. a cable connected to a physical switch on the network
  • B. wireless to an access point that is physically connected to the network
  • C. a virtual switch that links to an access point that is physically connected to the network
  • D. a software switch on a hypervisor that is physically connected to the network
Reveal Solution Hide Solution   Discussion   6

Correct Answer: D 🗳️

Question #760 Topic 1

What is the function of the controller in a software-defined network?

  • A. forwarding packets
  • B. multicast replication at the hardware level
  • C. making routing decisions
  • D. fragmenting and reassembling packets
Reveal Solution Hide Solution   Discussion   6

Correct Answer: C 🗳️

Question #761 Topic 1

DRAG DROP -
Drag and drop the HTTP methods used with REST-based APIs from the left onto the descriptions on the right.
Select and Place:

Reveal Solution Hide Solution   Discussion   4

Correct Answer:

Question #762 Topic 1

What is a function of a southbound API?

  • A. Use orchestration to provision a virtual server configuration from a web server
  • B. Automate configuration changes between a server and a switching fabric
  • C. Manage flow control between an SDN controller and a switching fabric
  • D. Facilitate the information exchange between an SDN controller and application
Reveal Solution Hide Solution   Discussion   5

Correct Answer: C 🗳️

Question #763 Topic 1

Which script paradigm does Puppet use?

  • A. recipes and cookbooks
  • B. playbooks and roles
  • C. strings and marionettes
  • D. manifests and modules
Reveal Solution Hide Solution   Discussion   7

Correct Answer: D 🗳️

Question #764 Topic 1

Which set of methods is supported with the REST API?

  • A. GET, PUT, ERASE, CHANGE
  • B. GET, POST, MOD, ERASE
  • C. GET, PUT, POST, DELETE
  • D. GET, POST, ERASE, CHANGE
Reveal Solution Hide Solution   Discussion   1

Correct Answer: C 🗳️

Question #765 Topic 1

Which technology is appropriate for communication between an SDN controller end applications running over the network?

  • A. Southbound API
  • B. REST API
  • C. NETCONF
  • D. OpenFlow
Reveal Solution Hide Solution   Discussion   8

Correct Answer: D 🗳️

Question #766 Topic 1

DRAG DROP -
Drag and drop each characteristic of device-management technologies from the left onto the deployment type on the right.
Select and Place:

Reveal Solution Hide Solution   Discussion   10

Correct Answer:

Question #767 Topic 1

What is the function of `off-the-shelf` switches in a controller-based network?

  • A. setting packet-handling policies
  • B. forwarding packets
  • C. providing a central view of the deployed network
  • D. making routing decisions
Reveal Solution Hide Solution   Discussion   10

Correct Answer: B 🗳️

Question #768 Topic 1

Which REST method updates an object in the Cisco DNA Center Intent API?

  • A. CHANGE
  • B. UPDATE
  • C. POST
  • D. PUT
Reveal Solution Hide Solution   Discussion   5

Correct Answer: D 🗳️

Question #769 Topic 1


Refer to the exhibit. How many JSON objects are represented?

  • A. 1
  • B. 2
  • C. 3
  • D. 4
Reveal Solution Hide Solution   Discussion   8

Correct Answer: D 🗳️

Question #770 Topic 1

Which definition describes JWT in regard to REST API security?

  • A. an encrypted JSON token that is used for authentication
  • B. an encrypted JSON token that is used for authorization
  • C. an encoded JSON token that is used to securely exchange information
  • D. an encoded JSON token that is used for authentication
Reveal Solution Hide Solution   Discussion   11

Correct Answer: C 🗳️

Question #771 Topic 1


Refer to the exhibit. What is identified by the word `switch` within line 2 of the JSON Schema?

  • A. array
  • B. value
  • C. object
  • D. key
Reveal Solution Hide Solution   Discussion   7

Correct Answer: D 🗳️

Question #772 Topic 1


Refer to the exhibit. Which type of JSON data is shown?

  • A. boolean
  • B. array
  • C. key
  • D. object
Reveal Solution Hide Solution   Discussion  

Correct Answer: D 🗳️

Question #773 Topic 1

DRAG DROP -
Drag and drop the characteristics from the left onto the technology types on the right.
Select and Place:

Reveal Solution Hide Solution   Discussion   8

Correct Answer:

Question #774 Topic 1

Which communication interaction takes place when a southbound API is used?

  • A. between the SDN controller and PCs on the network
  • B. between the SDN controller and switches and routers on the network
  • C. between the SDN controller and services and applications on the network
  • D. between network applications and switches and routers on the network
Reveal Solution Hide Solution   Discussion   3

Correct Answer: B 🗳️

Question #775 Topic 1

What are two characteristics of a public cloud implementation? (Choose two.)

  • A. It is owned and maintained by one party, but it is shared among multiple organizations
  • B. It enables an organization to fully customize how it deploys network resources
  • C. It provides services that are accessed over the Internet
  • D. It is a data center on the public Internet that maintains cloud services for only one company
  • E. It supports network resources from a centralized third-party provider and privately-owned virtual resources
Reveal Solution Hide Solution   Discussion   3

Correct Answer: AC 🗳️

Question #776 Topic 1

DRAG DROP -
Drag and drop the descriptions from the left on to the correct configuration-management technologies on the right.
Select and Place:

Reveal Solution Hide Solution   Discussion   2

Correct Answer:

Question #777 Topic 1

DRAG DROP -
Drag and drop the REST API call methods for HTTP from the left onto the actions they perform on the right. Not all methods are used.
Select and Place:

Reveal Solution Hide Solution   Discussion   5

Correct Answer:

Question #778 Topic 1

DRAG DROP -
Drag and drop the REST principles from the left onto their definitions on the right.
Select and Place:

Reveal Solution Hide Solution   Discussion   5

Correct Answer:

Question #779 Topic 1

DRAG DROP -
Drag and drop the Ansible terms from the left onto the right.
Select and Place:

Reveal Solution Hide Solution   Discussion   4

Correct Answer:

Question #780 Topic 1


Refer to the exhibit. How many objects keys, and JSON list values are present?

  • A. Three objects, two keys, and three JSON list values
  • B. Three objects, three keys, and two JSON list values
  • C. One object, three keys, and three JSON list values
  • D. One object, three keys, and two JSON list values
Reveal Solution Hide Solution   Discussion   14

Correct Answer: B 🗳️

Question #781 Topic 1

Which two primary drivers support the need for network automation? (Choose two.)

  • A. Increasing reliance on self-diagnostic and self-healing
  • B. Eliminating training needs
  • C. Policy-driven provisioning of resources
  • D. Reducing hardware footprint
  • E. Providing a single entry point for resource provisioning
Reveal Solution Hide Solution   Discussion   9

Correct Answer: CE 🗳️

Question #782 Topic 1

What is an expected outcome when network management automation is deployed?

  • A. A distributed management plane must be used.
  • B. Complexity increases when new device configurations are added.
  • C. Custom applications are needed to configure network devices.
  • D. Software upgrades are performed from a central controller.
Reveal Solution Hide Solution   Discussion   3

Correct Answer: D 🗳️

Question #783 Topic 1


Refer to the exhibit. What is represented by `R1` and `SW1` within the JSON output?

  • A. object
  • B. value
  • C. key
  • D. array
Reveal Solution Hide Solution   Discussion   2

Correct Answer: B 🗳️

Question #784 Topic 1

DRAG DROP -
Drag and drop the statements about networking from the left onto the corresponding networking types on the right.
Select and Place:

Reveal Solution Hide Solution   Discussion   2

Correct Answer:

Question #785 Topic 1

Which HTTP status code is returned after a successful REST API request?

  • A. 200
  • B. 301
  • C. 404
  • D. 500
Reveal Solution Hide Solution   Discussion   3

Correct Answer: A 🗳️

Question #786 Topic 1

With REST API, which standard HTTP header tells a server which media type is expected by the client?

  • A. Accept-Encoding: gzip. deflate
  • B. Accept-Patch: text/example; charset=utf-8
  • C. Content-Type: application/json; charset=utf-8
  • D. Accept: application/json
Reveal Solution Hide Solution   Discussion   14

Correct Answer: D 🗳️

Question #787 Topic 1


Refer to the exhibit. How many objects are present in the given JSON-encoded data?

  • A. One
  • B. Four
  • C. Seven
  • D. Nine
Reveal Solution Hide Solution   Discussion   12

Correct Answer: C 🗳️

Question #788 Topic 1

What is the purpose of the Cisco DNA Center controller?

  • A. to securely manage and deploy network devices
  • B. to scan a network and generate a Layer 2 network diagram
  • C. to secure physical access to a data center
  • D. to provide Layer 3 services to autonomous access points
Reveal Solution Hide Solution   Discussion  

Correct Answer: A 🗳️
Cisco DNA Center is a powerful network controller and management dashboard for secure access to networks and applications. It lets you take charge of your network, optimize your Cisco investment, and lower your IT spending.
Reference:
https://www.cisco.com/c/en/us/products/collateral/cloud-systems-management/dna-center/nb-06-dna-center-so-cte-en.html

Question #789 Topic 1

What is the function of the controller in a software-defined network?

  • A. forwarding packets
  • B. multicast replication at the hardware level
  • C. setting packet-handling policies
  • D. fragmenting and reassembling packets
Reveal Solution Hide Solution   Discussion   2

Correct Answer: C 🗳️

Question #790 Topic 1


Refer to the exhibit. A network engineer must configure NETCONF. After creating the configuration, the engineer gets output from the command show line but not from show running-config. Which command completes the configuration?

  • A. Device(config)# netconf lock-time 500
  • B. Device(config)# netconf max-message 1000
  • C. Device(config)# no netconf ssh acl 1
  • D. Device(config)# netconf max-sessions 100
Reveal Solution Hide Solution   Discussion   9

Correct Answer: B 🗳️

Question #791 Topic 1

Which statement identifies the functionality of virtual machines?

  • A. Virtualized servers run most efficiently when they are physically connected to a switch that is separate from the hypervisor
  • B. The hypervisor can virtualize physical components including CPU, memory, and storage
  • C. Each hypervisor can support a single virtual machine and a single software switch
  • D. The hypervisor communicates on Layer 3 without the need for additional resources
Reveal Solution Hide Solution   Discussion   6

Correct Answer: B 🗳️

Question #792 Topic 1

Which network plane is centralized and manages routing decisions?

  • A. management plane
  • B. data plane
  • C. policy plane
  • D. control plane
Reveal Solution Hide Solution   Discussion   1

Correct Answer: D 🗳️

Question #793 Topic 1

What is a benefit of using private IPv4 addressing?

  • A. Multiple companies can use the same addresses without conflicts.
  • B. Direct connectivity is provided to internal hosts from outside an enterprise network.
  • C. Communication to the internet is reachable without the use of NAT.
  • D. All external hosts are provided with secure communication to the internet.
Reveal Solution Hide Solution   Discussion  

Correct Answer: A 🗳️

Question #794 Topic 1



Refer to the exhibit. A network engineer must provide configured IP addressing details to investigate a firewall rule issue. Which subnet and mask identify what is configured on the en0 interface?

  • A. 10.8.0.0/16
  • B. 10.8.64.0/18
  • C. 10.8.128.0/19
  • D. 10.8.138.0/24
Reveal Solution Hide Solution   Discussion   3

Correct Answer: C 🗳️

Question #795 Topic 1

What are two characteristics of a small office / home office connection environment? (Choose two.)

  • A. It requires 10Gb ports on all uplinks.
  • B. It supports between 1 and 50 users.
  • C. It supports between 50 and 100 users.
  • D. A router port connects to a broadband connection.
  • E. It requires a core, distribution, and access layer architecture.
Reveal Solution Hide Solution   Discussion   1

Correct Answer: BD 🗳️

Question #796 Topic 1

Which element of a virtualization solution manages virtualized services and enables connections between virtualized services and external interfaces?

  • A. software
  • B. network functionality
  • C. virtual machine
  • D. hardware
Reveal Solution Hide Solution   Discussion   7

Correct Answer: C 🗳️

Question #797 Topic 1

Which group of channels in the 802.11b/gin/ac/ax 2.4 GHz frequency bands are nonoverlapping channels?

  • A. channels 1, 5, and 10
  • B. channels 1, 6, and 11
  • C. channels 1, 5, and 11
  • D. channels 1, 6, and 10
Reveal Solution Hide Solution   Discussion  

Correct Answer: B 🗳️

Question #798 Topic 1

What is a function of Layer 3 switches?

  • A. They route traffic between devices in different VLANs.
  • B. They transmit broadcast traffic when operating in Layer 3 mode exclusively.
  • C. They move frames between endpoints limited to IP addresses.
  • D. They forward Ethernet frames between VLANs using only MAC addresses,
Reveal Solution Hide Solution   Discussion   11

Correct Answer: C 🗳️

Question #799 Topic 1

DRAG DROP
-

Drag and drop the RF terms from the left onto the corresponding statements on the right.

Reveal Solution Hide Solution   Discussion   9

Correct Answer:

Question #800 Topic 1

Which cable type must be used to interconnect one switch using 1000 BASE-SX GBIC modules and another switch using 1000 BASE-SX SFP modules?

  • A. LC to SC
  • B. SC to SC
  • C. LC to LC
  • D. SC to ST
Reveal Solution Hide Solution   Discussion   6

Correct Answer: D 🗳️

Question #801 Topic 1

DRAG DROP
-

Drag and drop the virtualization concepts from the left onto the matching statements on the right.

Reveal Solution Hide Solution   Discussion   2

Correct Answer:

Question #802 Topic 1

What is a benefit of a point-to-point leased line?

  • A. low cost
  • B. full-mesh capability
  • C. simplicity of configuration
  • D. flexibility of design
Reveal Solution Hide Solution   Discussion   1

Correct Answer: C 🗳️

Question #803 Topic 1

Why is TCP desired over UDP for applications that require extensive error checking, such as HTTPS?

  • A. UDP uses sequencing data for packets to arrive in order, and TCP offers the capability to receive packets in random order.
  • B. UDP uses flow control mechanisms for the delivery of packets, and TCP uses congestion control for efficient packet delivery.
  • C. UDP reliably guarantees delivery of all packets, and TCP drops packets under heavy load.
  • D. UDP operates without acknowledgments, and TCP sends an acknowledgment for every packet received.
Reveal Solution Hide Solution   Discussion   7

Correct Answer: A 🗳️

Question #804 Topic 1

Which component controls and distributes physical resources for each virtual machine?

  • A. hypervisor
  • B. OS
  • C. CPU
  • D. physical enclosure
Reveal Solution Hide Solution   Discussion  

Correct Answer: A 🗳️

Question #805 Topic 1

What is the role of nonoverlapping channels in a wireless environment?

  • A. to increase bandwidth
  • B. to stabilize the RF environment
  • C. to allow for channel bonding
  • D. to reduce interference
Reveal Solution Hide Solution   Discussion   10

Correct Answer: B 🗳️

Question #806 Topic 1

What are two advantages of implementing a controller-based architecture instead of traditional network architecture? (Choose two.)

  • A. It allows for seamless connectivity to virtual machines.
  • B. It increases security against denial-of-service attacks.
  • C. It supports complex and high-scale IP addressing schemes.
  • D. It enables configuration task automation.
  • E. It provides increased scalability and management options.
Reveal Solution Hide Solution   Discussion  

Correct Answer: DE 🗳️

Question #807 Topic 1

What is the purpose of the service-set identifier?

  • A. It identifies the wireless network to which an application must connect.
  • B. It identifies the wired network to which a network device is connected.
  • C. It identifies the wired network to which a user device is connected.
  • D. It identifies a wireless network for a mobile device to connect.
Reveal Solution Hide Solution   Discussion   14

Correct Answer: B 🗳️

Question #808 Topic 1

Which is a fact related to FTP?

  • A. It always operates without user authentication.
  • B. It uses block numbers to identify and mitigate data-transfer errors.
  • C. It uses two separate connections for control and data traffic.
  • D. It relies on the well-known UDP port 69.
Reveal Solution Hide Solution   Discussion   2

Correct Answer: C 🗳️

Question #809 Topic 1

How do UTP and STP cables compare?

  • A. UTP cables provide faster and more reliable data transfer rates and STP cables are slower and less reliable.
  • B. STP cables are shielded and protect against electromagnetic interference and UTP lacks the same protection against electromagnetic interference.
  • C. STP cables are cheaper to procure and easier to install and UTP cables are more expensive and harder to install.
  • D. UTP cables are less prone to crosstalk and interference and STP cables are more prone to crosstalk and interference.
Reveal Solution Hide Solution   Discussion   4

Correct Answer: B 🗳️

Question #810 Topic 1

What are two disadvantages of a full-mesh topology? (Choose two.)

  • A. It requires complex configuration.
  • B. It needs a high MTU between sites.
  • C. It works only with BGP between sites.
  • D. It has a high implementation cost.
  • E. It must have point-to-point communication.
Reveal Solution Hide Solution   Discussion   1

Correct Answer: AD 🗳️

Question #811 Topic 1

DRAG DROP
-

Drag and drop the wireless standards from the left onto the number of nonoverlapping channels they support on the right.

Reveal Solution Hide Solution   Discussion   7

Correct Answer:

Question #812 Topic 1

Which technology allows for multiple operating systems to be run on a single host computer?

  • A. virtual routing and forwarding
  • B. virtual device contexts
  • C. network port ID virtualization
  • D. server virtualization
Reveal Solution Hide Solution   Discussion  

Correct Answer: D 🗳️

Question #813 Topic 1

Why would an administrator choose to implement an automated network management solution?

  • A. to reduce operational costs
  • B. to support simpler password policies
  • C. to enable “box by box” configuration and deployment
  • D. to limit recurrent management costs
Reveal Solution Hide Solution   Discussion  

Correct Answer: A 🗳️

Question #814 Topic 1

What is a function of the core and distribution layers in a collapsed-core architecture?

  • A. The router can support HSRP for Layer 2 redundancy in an IPv6 network.
  • B. The core and distribution layers are deployed on two different devices to enable failover.
  • C. The router operates on a single device or a redundant pair.
  • D. The router must use IPv4 and IPv6 addresses at Layer 3.
Reveal Solution Hide Solution   Discussion   5

Correct Answer: C 🗳️

Question #815 Topic 1

What must be considered before deploying virtual machines?

  • A. resource limitations, such as the number of CPU cores and the amount of memory
  • B. support for physical peripherals, such as monitors, keyboards, and mice
  • C. whether to leverage VSM to map multiple virtual processors to two or more virtual machines
  • D. location of the virtual machines within the data center environment
Reveal Solution Hide Solution   Discussion  

Correct Answer: A 🗳️

Question #816 Topic 1

What are two facts that differentiate optical-fiber cabling from copper cabling? (Choose two.)

  • A. It is less expensive when purchasing patch cables.
  • B. It carries electrical current further distances for PoE devices.
  • C. It provides greater throughput options.
  • D. It has a greater sensitivity to changes in temperature and moisture.
  • E. It carries signals for longer distances.
Reveal Solution Hide Solution   Discussion   3

Correct Answer: CE 🗳️

Question #817 Topic 1

What are two behaviors of a point-to-point WAN topology? (Choose two.)

  • A. It leverages a dedicated connection.
  • B. It provides direct connections betwaen each router in the topology.
  • C. It delivers redundancy between the central office and branch offices.
  • D. It uses a single router to route traffic between sites.
  • E. It connects remote networks through a single line.
Reveal Solution Hide Solution   Discussion   7

Correct Answer: BD 🗳️

Question #818 Topic 1

What is a link-local all-nodes IPv6 multicast address?

  • A. ff02:0:0:0:0:0:0:1
  • B. 2004:33c:94d9:431e:255::
  • C. fffe:034:0dd:45d6:789e::
  • D. fe80:4433:034:0dd::2
Reveal Solution Hide Solution   Discussion   7

Correct Answer: A 🗳️

Question #819 Topic 1

Which is a reason to implement IPv4 private addressing?

  • A. Comply with PCI regulations.
  • B. Reduce the size of the forwarding table on network routers.
  • C. Reduce the risk of a network security breach.
  • D. Comply with local law.
Reveal Solution Hide Solution   Discussion   1

Correct Answer: C 🗳️

Question #820 Topic 1

Which signal frequency appears 60 times per minute?

  • A. 1 Hz signal
  • B. 1 GHz signal
  • C. 60 Hz signal
  • D. 60 GHz signal
Reveal Solution Hide Solution   Discussion   13

Correct Answer: A 🗳️

Question #821 Topic 1

What is a function of spine-and-leaf architecture?

  • A. offers predictable latency of the traffic path between end devices
  • B. mitigates oversubscription by adding a layer of leaf switches
  • C. exclusively sends multicast traffic between servers that are directly connected to the spine
    D.limits payload size of traffic within the leaf layer
Reveal Solution Hide Solution   Discussion  

Correct Answer: A 🗳️

Question #822 Topic 1

What is a function of an endpoint?

  • A. It passes unicast communication between hosts in a network.
  • B. It transmits broadcast traffic between devices in the same VLAN.
  • C. It provides security between trusted and untrusted sections of the network.
  • D. It is used directly by an individual user to access network services.
Reveal Solution Hide Solution   Discussion   1

Correct Answer: D 🗳️

Question #823 Topic 1

What is a function of MAC address learning?

  • A. It is disabled by default on all interfaces connected to trunks.
  • B. It increases security on the management VLAN.
  • C. It is enabled by default on all VLANs and interfaces.
  • D. It increases the potential for MAC address flooding.
Reveal Solution Hide Solution   Discussion   2

Correct Answer: C 🗳️

Question #824 Topic 1

Which IPv6 address range is suitable for anycast addresses for distributed services such as DHCP or DNS?

  • A. FF00:1/12
  • B. 2001:db8:0234:ca3e::1/128
  • C. FE80::1/10
  • D. 2002:db84:3f30:ca84:be76:2/64
Reveal Solution Hide Solution   Discussion   3

Correct Answer: B 🗳️

Question #825 Topic 1

What is a similarity between OM3 and OM4 fiber optic cable?

  • A. Both have a 62.5 micron core diameter.
  • B. Both have a 100 micron core diameter.
  • C. Both have a 50 micron core diameter.
  • D. Both have a 9 micron core diameter.
Reveal Solution Hide Solution   Discussion   3

Correct Answer: C 🗳️

Question #826 Topic 1

Which device segregates a network into separate zones that have their own security policies?

  • A. IPS
  • B. switch
  • C. access point
  • D. firewall
Reveal Solution Hide Solution   Discussion  

Correct Answer: D 🗳️

Question #827 Topic 1

What is the primary purpose of private address space?

  • A. limit the number of nodes reachable via the Internet
  • B. simplify the addressing in the network
  • C. conserve globally unique address space
  • D. reduce network complexity
Reveal Solution Hide Solution   Discussion   1

Correct Answer: C 🗳️

Question #828 Topic 1

What is a characteristic of a collapsed-core network topology?

  • A. It enables all workstations in a SOHO environment to connect on a single switch with internet access.
  • B. It enables the core and access layers to connect to one logical distribution device over an EtherChannel.
  • C. It allows wireless devices to connect directly to the core layer, which enables faster data transmission.
  • D. It allows the core and distribution layers to run as a single combined layer.
Reveal Solution Hide Solution   Discussion   1

Correct Answer: D 🗳️

Question #829 Topic 1

A technician receives a report of network slowness and the issue has been isolated to the interface FastEthemet0/13. What is the root cause of the issue?

FastEthernet0/13 is up, line protocol is up
Hardware is Fast Ethernet, address is 0001.4d27.66cd (bia 0001.4d27.66cd)
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 250/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set

Keepalive not set -
Auto-duplex (Full) Auto Speed (100), 100BaseTX/FX
ARP type: ARPA, ARP Timeout 04:00:00
Last input 18:52:43, output 00:00:01, output hang never
Last clearing of “show interface” counters never

Queueing strategy: fifo -
Output queue 0/40, 0 drops; input queue 0/75, 0 drops
5 minute input rate 12000 bits/sec, 6 packets/sec
5 minute output rate 24000 bits/sec, 6 packets/sec
14488019 packets input, 2434163609 bytes
Received 345348 broadcasts, 0 runts, 0 giants, 0 throttles
261028 input errors, 259429 CRC, 1599 frame, 0 overrun, 0 ignored
0 watchdog, 84207 multicast
0 input packets with dribble condition detected
19658279 packets output, 3529106068 bytes, 0 underruns
0 output errors, 0 collisions, 1 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped out

  • A. local buffer overload
  • B. err-disabled port on the far end
  • C. physical errors
  • D. duplicate IP addressing
Reveal Solution Hide Solution   Discussion   3

Correct Answer: C 🗳️

Question #830 Topic 1

What occurs when overlapping Wi-Fi channels are implemented?

  • A. Users experience poor wireless network performance.
  • B. Wireless devices are unable to distinguish between different SSIDs.
  • C. The wireless network becomes vulnerable to unauthorized access.
  • D. Network communications are open to eavesdropping.
Reveal Solution Hide Solution   Discussion  

Correct Answer: A 🗳️

Question #831 Topic 1



Refer to the exhibit. An administrator received a call from a branch office regarding poor application performance hosted at the headquarters. Ethernet 1 is connected between Router1 and the LAN switch. What identifies the issue?

  • A. The MTU is not set to the default value.
  • B. There is a duplex mismatch.
  • C. The QoS policy is dropping traffic.
  • D. The link is over utilized.
Reveal Solution Hide Solution   Discussion   7

Correct Answer: C 🗳️

Question #832 Topic 1

DRAG DROP
-

Drag and drop the cloud-computing components from the left onto the correct descriptions on the right.

Reveal Solution Hide Solution   Discussion   2

Correct Answer:

Question #833 Topic 1

What is the functionality of the Cisco DNA Center?

  • A. IP address pool distribution scheduler
  • B. data center network policy controller
  • C. console server that permits secure access to all network devices
  • D. software-defined controller for automation of devices and services
Reveal Solution Hide Solution   Discussion  

Correct Answer: D 🗳️

Question #834 Topic 1



Refer to the exhibit. Which configuration enables an EtherChannel to form dynamically between SW1 and SW2 by using an industry-standard protocol, and to support full IP connectivity between all PCs?

  • A. SW1#
    interface Gi0/1
    switchport
    switchport mode access
    channel-group 1 mode active
    !
    interface Gi0/2
    switchport
    switchport mode access
    channel-group 1 mode active

    SW2#
    interface Gi0/1
    switchport
    switchport mode access
    channel-group 1 mode desirable
    !
    interface Gi0/2
    switchport
    switchport mode access
    channel-group 1 mode desirable
  • B. SW1#
    interface Gi0/1
    switchport
    switchport mode trunk
    channel-group 1 mode on
    !
    interface Gi0/2
    switchport
    switchport mode trunk
    channel-group 1 mode auto

    SW2#
    interface Gi0/1
    switchport
    switchport mode trunk
    channel-group 1 mode auto
    !
    interface Gi0/2
    switchport
    switchport mode trunk
    channel-group 1 mode on
    interface port-channel 1
    switchport
    switchport mode trunk
  • C. SW1#
    interface Gi0/1
    switchport
    switchport mode trunk
    channel-group 1 mode active
    !
    interface Gi0/2
    switchport
    switchport mode trunk
    channel-group 1 mode active

    SW2#
    interface Gi0/1
    switchport
    switchport mode trunk
    channel-group 1 mode passive
    !
    interface Gi0/2
    switchport
    switchport mode trunk
    channel-group 1 mode passive
  • D. SW1#
    interface Gi0/1
    switchport
    switchport mode trunk
    channel-group 1 mode auto
    !
    interface Gi0/2
    switchport
    switchport mode trunk
    channel-group 1 mode auto

    SW2#
    interface Gi0/1
    switchport
    switchport mode trunk
    channel-group 1 mode desirable
    !
    interface Gi0/2
    switchport
    switchport mode trunk
    channel-group 1 mode desirable
Reveal Solution Hide Solution   Discussion   2

Correct Answer: C 🗳️

Question #835 Topic 1

Which functionality is provided by the console connection on a Cisco WLC?

  • A. HTTP-based GUI connectivity
  • B. secure in-band connectivity for device administration
  • C. out-of-band management
  • D. unencrypted in-band connectivity for file transfers
Reveal Solution Hide Solution   Discussion   2

Correct Answer: C 🗳️

Question #836 Topic 1



Refer to the exhibit. Host A switch interface is configured in VLAN 2. Host D sends a unicast packet destined for the IP address of host A.



What does the switch do when it receives the frame from host D?

  • A. It floods the frame out of every ports except the source port.
  • B. It creates a broadcast storm.
  • C. It shuts down the source port and places it in err-disable mode.
  • D. It drops the frame from the MAC table of the switch.
Reveal Solution Hide Solution   Discussion  

Correct Answer: A 🗳️

Question #837 Topic 1



Refer to the exhibit. A Cisco engineer creates a new WLAN called lantest. Which two actions must be performed so that only high-speed 2.4-Ghz clients connect? (Choose two.)

  • A. Enable the Status option.
  • B. Set the Radio Policy option to 802.11g Only.
  • C. Set the Radio Policy option to 802.11a Only.
  • D. Set the Interface/Interface Group(G) to an interface other than guest.
  • E. Enable the Broadcast SSID option.
Reveal Solution Hide Solution   Discussion   6

Correct Answer: AE 🗳️

Question #838 Topic 1

How does Rapid PVST+ create a fast loop-free network topology?

  • A. It uses multiple active paths between end stations.
  • B. It requires multiple links between core switches.
  • C. It maps multiple VLANs into the same spanning-tree instance.
  • D. It generates one spanning-tree instance for each VLAN.
Reveal Solution Hide Solution   Discussion   2

Correct Answer: D 🗳️

Question #839 Topic 1

Which two functions does a WLC perform in the lightweight access-point architecture that an AP performs independently in an autonomous architecture? (Choose two.)

  • A. managing RF channels, including transmission power
  • B. handling the association, authentication, and roaming of wireless clients
  • C. sending and processing beacon frames
  • D. encrypting and decrypting traffic that uses the WAP protocol family
  • E. preventing collisions between wireless clients on the same RF channel
Reveal Solution Hide Solution   Discussion   1

Correct Answer: AB 🗳️

Question #840 Topic 1



Refer to the exhibit. A network engineer is configuring a wireless LAN with Web Passthrough Layer 3 Web Policy. Which action must the engineer take to complete the configuration?

  • A. Set the Layer 2 Security to 802.1X.
  • B. Enable TKIP and CCMP256 WPA2 Encryption.
  • C. Enable the WPA Policy.
  • D. Set the Layer 2 Security to None.
Reveal Solution Hide Solution   Discussion   3

Correct Answer: C 🗳️

Question #841 Topic 1

A network administrator plans an update to the WI-FI networks in multiple branch offices. Each location is configured with an SSID called “Office”. The administrator wants every user who connects to the SSID at any location to have the same access level. What must be set the same on each network to meet the requirement?

  • A. radio policy
  • B. profile name
  • C. NAS-ID configuration
  • D. security policies
Reveal Solution Hide Solution   Discussion   8

Correct Answer: C 🗳️

Question #842 Topic 1



Refer to the exhibit. The P2P Blocking Action option is disabled on the WLC. The security team has a new requirement for each client to retain their assigned IP addressing as the clients move between locations in the campus network. Which action completes this configuration?

  • A. Enable the Static IP Tunneling option.
  • B. Disable the Coverage Hole Detection option.
  • C. Set the P2P Blocking Action option to Forward-UpStream.
  • D. Check the DHCP Addr. Assignment check box.
Reveal Solution Hide Solution   Discussion   5

Correct Answer: C 🗳️

Question #843 Topic 1



Refer to the exhibit. A multivendor network exists and the company is implementing VoIP over the network for the first time. Which configuration is needed to implement the neighbor discovery protocol on the interface and allow it to remain off for the remaining interfaces?

  • A. SW1(config)#lldp run -
    SW1(config)#interface gigabitethernet1/0/1
    SW1(config-if)#lldp enable
  • B. SW1(config)#no cdp run -
    SW1(config)#interface gigabitethernet1/0/1

    SW1(config-if)#lldp transmit -
    SW1(config-if)#lldp receive
  • C. SW1(contig)#lldp enable -
    SW1(config)#interface gigabitethernet1/0/1
    SW1(config-if)#lldp run
  • D. SW1(config)#no cdp enable -
    SW1(config)#interface gigabitethernet1/0/1
    SW1(config-if)#cdp run
Reveal Solution Hide Solution   Discussion   8

Correct Answer: B 🗳️

Question #844 Topic 1



Refer to the exhibit. Routers R1, R2, and R3 use a protocol to identify the neighbors’ IP addresses, hardware platforms, and software versions. A network engineer must configure R2 to avoid sharing any neighbor information with R3, and maintain its relationship with R1. What action meets this requirement?

  • A. Configure the no lldp receive command on g0/1.
  • B. Configure the no cdp run command globally.
  • C. Configure the no cdp enable command on g0/2.
  • D. Configure the no lldp run command globally.
Reveal Solution Hide Solution   Discussion   11

Correct Answer: D 🗳️

Question #845 Topic 1

SIP-based Call Admission Control must be configured in the Cisco WLC GUI. SIP call-snooping ports are configured. Which two actions must be completed next? (Choose two.)

  • A. Set the QoS level to silver or greater for voice traffic.
  • B. Configure two different QoS roles for data and voice traffic.
  • C. Enable Media Session Snooping on the WLAN.
  • D. Set the QoS level to platinum for voice traffic.
  • E. Enable traffic shaping for the LAN interface of the WLC.
Reveal Solution Hide Solution   Discussion   3

Correct Answer: BD 🗳️

Question #846 Topic 1



Refer to the exhibit. A network administrator configures an interface on a new switch so that it connects to interface Gi1/0/1 on switch Cat9300-1. Which configuration must be applied to the new interface?

  • A. switchport mode trunk
    switchport trunk native vlan 321
    switchport trunk allowed vlan 100,200,300
  • B. switchport mode dynamic desirable
    switchport trunk native vlan 321
    switchport trunk allowed vian 100,200,300
  • C. switchport trunk encapsulation dot1q
    switchport trunk native vlan 321
    switchport trunk allowed vlan 100-300
  • D. switchport nonegotiate
    switchport access vlan 321
    switchport trunk allowed vlan except 2-1001
Reveal Solution Hide Solution   Discussion   7

Correct Answer: B 🗳️

Question #847 Topic 1

Which command enables HTTP access to the Cisco WLC?

  • A. config network telnet enable
  • B. config network secureweb enable
  • C. config certificate generate webadmin
  • D. config network webmode enable
Reveal Solution Hide Solution   Discussion   3

Correct Answer: D 🗳️

Question #848 Topic 1

Which port state processes BPDUs, but does not forward packets or update the address database in Rapid PVST+?

  • A. blocking
  • B. learning
  • C. listening
  • D. disabled
Reveal Solution Hide Solution   Discussion   26

Correct Answer: A 🗳️

Question #849 Topic 1

A switch is forwarding a frame out of all interfaces except the interface that received the frame. What is the technical term for this process?

  • A. ARP
  • B. CDP
  • C. flooding
  • D. multicast
Reveal Solution Hide Solution   Discussion  

Correct Answer: C 🗳️

Question #850 Topic 1



Refer to the exhibit. Rapid PVST+ mode is on the same VLAN on each switch. Which switch becomes the root bridge and why?

  • A. SW4, because its priority is highest and its MAC address is lower
  • B. SW1, because its priority is the lowest and its MAC address is higher
  • C. SW2, because its MAC address is the highest
  • D. SW3, because its priority is the highest
Reveal Solution Hide Solution   Discussion   11

Correct Answer: C 🗳️

Question #851 Topic 1

Which EtherChannel mode must be configured when using LAG on a WLC?

  • A. on
  • B. passive
  • C. active
  • D. auto
Reveal Solution Hide Solution   Discussion   2

Correct Answer: A 🗳️

Question #852 Topic 1

DRAG DROP
-

Drag and drop the VLAN port modes from the left onto the descriptions on the right.

Reveal Solution Hide Solution   Discussion   2

Correct Answer:

Question #853 Topic 1

Which switch concept is used to create separate broadcast domains?

  • A. STP
  • B. VTP
  • C. VLAN
  • D. CSMA/CD
Reveal Solution Hide Solution   Discussion  

Correct Answer: C 🗳️

Question #854 Topic 1

How must a switch interface be configured when an AP is in FlexConnect mode?

  • A. access port
  • B. EtherChannel
  • C. PoE port
  • D. trunk port
Reveal Solution Hide Solution   Discussion   7

Correct Answer: A 🗳️

Question #855 Topic 1

What are two features of PortFast? (Choose two.)

  • A. Convergence is fast after a link failure.
  • B. STP loops are mitigated for uplinks to other switches.
  • C. Ports transition directly from the blocking state to the forwarding state.
  • D. Ports operate normally without receiving BPDUs.
  • E. Ports that connect to the backbone automatically detect indirect link failures.
Reveal Solution Hide Solution   Discussion   19

Correct Answer: BC 🗳️

Question #856 Topic 1

What is the root port in STP?

  • A. It is the port with the highest priority toward the root bridge.
  • B. It is the port on the root switch that leads to the designated port on another switch.
  • C. It is the port that is elected only when the root bridge has precisely one port on a single LAN segment.
  • D. It is the port on a switch with the lowest cost to reach the root bridge.
Reveal Solution Hide Solution   Discussion   2

Correct Answer: D 🗳️

Question #857 Topic 1

When a switch receives a frame from an unknown source MAC address, which action does the switch take with the frame?

  • A. It sends the frame to ports within the CAM table identified with an unknown source MAC address.
  • B. It floods the frame out all interfaces, including the interface it was received on.
  • C. It associates the source MAC address with the LAN port on which it was received and saves it to the MAC address table.
  • D. It attempts to send the frame back to the source to ensure that the source MAC address is still available for transmissions.
Reveal Solution Hide Solution   Discussion  

Correct Answer: C 🗳️

Question #858 Topic 1

When the LAG configuration is updated on a Cisco WLC, which additional task must be performed when changes are complete?

  • A. Reboot the WLC.
  • B. Flush all MAC addresses from the WLC.
  • C. Re-enable the WLC interfaces.
  • D. Re-associate the WLC with the access point.
Reveal Solution Hide Solution   Discussion   4

Correct Answer: A 🗳️

Question #859 Topic 1



Refer to the exhibit. An engineer ts building a new Layer 2 LACP EtherChannel between SW1 and SW2, and they executed the given show commands to verify the work. Which additional task must be performed so that the switches successfully bundle the second member in the LACP port-channel?

  • A. Configure the switchport trunk allowed vlan 300 command on SW1 port-channel 1.
  • B. Configure the switchport trunk allowed vlan add 300 command on interface Fa0/2 on SW2.
  • C. Configure the switchport trunk allowed vlan add 300 command on SW1 port-channel 1.
  • D. Configure the switchport trunk allowed vlan 300 command on interface Fa0/2 on SW1.
Reveal Solution Hide Solution   Discussion   6

Correct Answer: D 🗳️

Question #860 Topic 1



Refer to the exhibit. VLAN 23 is being implemented between SW1 and SW2. The command show interface ethernet0/0 switchport has been issued on SW1. Ethernet0/0 on SW1 is the uplink to SW2. Which command when entered on the uplink interface allows PC 1 and PC 2 to communicate without impact to the communication between PC 11 and PC 12?

  • A. switchport trunk allowed vlan 2-1001
  • B. switchport trunk allowed vlan 23
  • C. switchport trunk allowed vian add 23
  • D. switchport trunk allowed vian 22-23
Reveal Solution Hide Solution   Discussion   18

Correct Answer: A 🗳️

Question #861 Topic 1

A network engineer starts to implement a new wireless LAN by configuring the authentication server and creating the dynamic interface. What must be performed next to complete the basic configuration?

  • A. Create the new WLAN and bind the dynamic interface to it.
  • B. Configure high availability and redundancy for the access points.
  • C. Enable Telnet and RADIUS access on the managoment interface.
  • D. Install the management interface and add the management IP.
Reveal Solution Hide Solution   Discussion   4

Correct Answer: D 🗳️

Question #862 Topic 1



Refer to the exhibit. An architect is managing a wireless network with APs from several branch offices connecting to the WLC in the data center. There is a new requirement for a single WLAN to process the client data traffic without sending it to the WLC. Which action must be taken to complete the request?

  • A. Enable local HTTP profiling.
  • B. Enable FlexConnect Local Switching.
  • C. Enable local DHCP Profiling.
  • D. Enable Disassociation Imminent.
Reveal Solution Hide Solution   Discussion   4

Correct Answer: B 🗳️

Question #863 Topic 1

What must be considered for a locally switched FlexConnect AP if the VLANs that are used by the AP and client access are different?

  • A. The APs must be connected to the switch with multiple links in LAG mode.
  • B. The native VLAN must match the management VLAN of the AP.
  • C. The switch port mode must be set to trunk.
  • D. IEEE 802.1Q trunking must be disabled on the switch port.
Reveal Solution Hide Solution   Discussion  

Correct Answer: C 🗳️

Question #864 Topic 1

Which command configures the Cisco WLC to prevent a serial session with the WLC CLI from being automatically logged out?

  • A. config sessions maxsessions 0
  • B. config serial timeout 9600
  • C. config serial timeout 0
  • D. config sessions timeout 0
Reveal Solution Hide Solution   Discussion   9

Correct Answer: D 🗳️

Question #865 Topic 1

A Cisco engineer at a new branch office is configuring a wireless network with access points that connect to a controller that is based at corporate headquarters. Wireless client traffic must terminate at the branch office and access-point survivability is required in the event of a WAN outage. Which access point mode must be selected?

  • A. Lightweight with local switching disabled
  • B. FlexConnect with local switching enabled
  • C. OfficeExtend with high availability disabled
  • D. Local with AP fallback enabled
Reveal Solution Hide Solution   Discussion   1

Correct Answer: B 🗳️

Question #866 Topic 1

What is an advantage of using auto mode versus static mode for power allocation when an access point is connected to a PoE switch port?

  • A. Power policing is enabled at the same time.
  • B. The default level is used for the access point.
  • C. All four pairs of the cable are used.
  • D. It detects the device is a powered device.
Reveal Solution Hide Solution   Discussion   5

Correct Answer: D 🗳️

Question #867 Topic 1



Refer to the exhibit. Wireless LAN access must be set up to force all clients from the NA WLAN to authenticate against the local database. The WLAN is configured for local EAP authentication. The time that users access the network must not be limited. Which action completes this configuration?

  • A. Check the Guest User Role check box.
  • B. Uncheck the Guest User check box.
  • C. Set the Lifetime (seconds) value to 0.
  • D. Clear the Lifetime (seconds) value.
Reveal Solution Hide Solution   Discussion   11

Correct Answer: C 🗳️

Question #868 Topic 1

DRAG DROP
-

Drag and drop the wireless architecture benefits from the left onto the architecture types on the right.

Reveal Solution Hide Solution   Discussion   4

Correct Answer:

Question #869 Topic 1

What is a specification for SSIDs?

  • A. They must include one number and one letter.
  • B. They are a Cisco proprietary security feature.
  • C. They are case sensitive.
  • D. They define the VLAN on a switch.
Reveal Solution Hide Solution   Discussion   5

Correct Answer: C 🗳️

Question #870 Topic 1

What is a reason to configure a trunk port that connects to a WLC distribution port?

  • A. Provide redundancy if there is a link failure for out-of-band management.
  • B. Allow multiple VLANs to be used in the data path.
  • C. Permit multiple VLANs to provide out-of-band management.
  • D. Eliminate redundancy with a link failure in the data path.
Reveal Solution Hide Solution   Discussion   1

Correct Answer: B 🗳️

Question #871 Topic 1

DRAG DROP
-

Drag and drop the WLAN components from the left onto the correct descriptions on the right.

Reveal Solution Hide Solution   Discussion   10

Correct Answer:

Question #872 Topic 1



Refer to the exhibit. A Cisco WLC administrator is creating a new wireless network with enhanced SSID security. The new network must operate at 2.4 Ghz with 54 Mbps of throughput. Which set of tasks must the administrator perform to complete the configuration?

  • A. Uncheck the Broadcast SSID check box and set the Radio Policy to 802.11a/g only.
  • B. Check the Broadcast SSID check box and set the Radio Policy to 802.11g only.
  • C. Uncheck the Broadcast SSID check box and set the Radio Policy to 802.11g only.
  • D. Check the Broadcast SSID check box and set the Radio Policy to 802.11a only.
Reveal Solution Hide Solution   Discussion   12

Correct Answer: A 🗳️

Question #873 Topic 1

Which switching feature removes unused MAC addresses from the MAC address table, which allows new MAC addresses to be added?

  • A. MAC address aging
  • B. MAC move
  • C. MAC address auto purge
  • D. dynamic MAC address learning
Reveal Solution Hide Solution   Discussion   3

Correct Answer: A 🗳️

Question #874 Topic 1



Refer to the exhibit. A network engineer configures the CCNA WLAN so that clients must reauthenticate hourly and to limit the number of simultaneous connections to the WLAN to 10. Which two actions complete this configuration? (Choose two.)

  • A. Enable the Wi-Fi Direct Clients Policy option
  • B. Enable the Enable Session Timeout option and set the value to 3600.
  • C. Enable the Client Exclusion option and set the value to 3600.
  • D. Set the Maximum Allowed Clients value to 10.
  • E. Set the Maximum Allowed Clients Per AP Radio value to 10.
Reveal Solution Hide Solution   Discussion  

Correct Answer: BD 🗳️

Question #875 Topic 1



Refer to the exhibit. The SW1 and SW2 Gi0/0 ports have been preconfigured. An engineer is given these requirements:
• Allow all PCs to communicate with each other at Layer 3.
• Configure untagged traffic to use VLAN 5.
• Disable VLAN 1 from being used.

Which configuration set meets these requirements?

  • A. SW1#
    interface Gi0/1
    switchport mode trunk
    switchport trunk allowed vlan 5,7,9,108
    switchport trunk native vlan 5

    interface Gi0/2
    switchport mode trunk
    switchport trunk allowed vlan 5,7,9,108

    SW2#
    interface Gi0/1
    switchport mode access
    switchport access vlan 7

    interface Gi0/7
    switchport mode trunk
    switchport trunk allowed vlan 7,9,108
  • B. SW1#
    interface Gi0/1
    switchport mode trunk
    switchport trunk allowed vlan 5,7,9,108
    switchport trunk native vlan 5

    interface Gi0/2
    switchport mode access
    switchport trunk allowed vlan 7,9,108

    SW2#
    interface Gi0/1
    switchport mode access
    no switchport access vlan 1
    switchport access vlan 7

    interface Gi0/7
    switchport mode trunk
    switchport trunk allowed vlan 7,9,108
    switchport trunk native vlan 5
  • C. SW#1 -
    interface Gi0/1
    switchport mode trunk
    switchport trunk allowed vlan 5,7,9,108
    switchport trunk native vlan 5

    interface Gi0/2
    switchport mode trunk
    switchport trunk allowed vlan 5,7,9,108

    SW2#
    interface Gi0/1
    switchport mode access
    switchport access vlan 7

    interface Gi0/7
    switchport mode trunk
    switchport trunk allowed vlan 5,7,9,108
    switchport trunk native vlan 5
  • D. SW1#
    interface Gi0/1
    switchport mode trunk
    switchport trunk allowed vian 5,7,9,108

    interface Gi0/2
    switchport mode trunk
    switchport trunk allowed vlan 7,9,108

    SW2#
    interface Gi0/1
    switchport mode trunk
    switchport trunk allowed vlan 7

    interface Gi0/7
    switchport mode trunk
    switchport trunk allowed vlan 5,7,9,108
Reveal Solution Hide Solution   Discussion   7

Correct Answer: C 🗳️

Question #876 Topic 1



Refer to the exhibit. How must router A be configured so that it only sends Cisco Discovery Protocol information to router C?

  • A. #config t

    Router A (config)#no cdp run -
    Router A (config)#interface gi0/0/1

    Router A (config-if)#cdp enable -
  • B. #config t

    Router A (config)#cdp run -
    Router A (config)#interface gi0/0/0
    Router A (config-if)#no cdp enable


    C.#config t -

    Router A (config)#cdp run -
    Router A (config)#interface gi0/0/1

    Router A (config-if)#cdp enable -
  • D. #config t

    Router A (config)#cdp run -
    Router A (config)#interface gi0/0/0
    Router A (config-if)#cdp enable
Reveal Solution Hide Solution   Discussion   21

Correct Answer: A 🗳️

Question #877 Topic 1



Refer to the exhibit. An administrator must turn off the Cisco Discovery Protocol on the port configured with address last usable address in the 10.0.0.0/30 subnet. Which command set meets the requirement?

  • A. interface gi0/1
    no cdp enable
  • B. interface gi0/0
    no cdp run
  • C. interface gi0/0
    no cdp advertise-v2
  • D. interface gi0/1
    clear cdp table
Reveal Solution Hide Solution   Discussion   13

Correct Answer: B 🗳️

Question #878 Topic 1

Which WLC port connects to a switch to pass normal access-point traffic?

  • A. redundancy
  • B. service
  • C. console
  • D. distribution system
Reveal Solution Hide Solution   Discussion  

Correct Answer: D 🗳️

Question #879 Topic 1

Which default condition must be considered when an encrypted mobility tunnel is used between two Cisco WLCs?

  • A. The tunnel uses the IPses protocol for encapsulation.
  • B. Control and data traffic encryption are enabled.
  • C. The tunnel uses the EoIP protocol to transmit data traffic.
  • D. TCP port 443 and UDP 21 are used.
Reveal Solution Hide Solution   Discussion   6

Correct Answer: D 🗳️

Question #880 Topic 1



Refer to the exhibit. After a recent internal security audit, the network administrator decided to block all P2P-capable devices from the selected SSID. Which configuration setting must the administrator apply?

  • A. Set the Wi-Fi Direct Client Policy to Not-Allow.
  • B. Select a correctly configured Layer 2 ACL.
  • C. Set the MFP Client Protection to Required.
  • D. Set the P2P Block Action to Drop.
Reveal Solution Hide Solution   Discussion   9

Correct Answer: A 🗳️

Question #881 Topic 1

What is the primary purpose of a console port on a Cisco WLC?

  • A. in-band management via an asynchronous transport
  • B. in-band management via an IP transport
  • C. out-of-band management via an asynchronous transport
  • D. out-of-band management via an IP transport
Reveal Solution Hide Solution   Discussion   7

Correct Answer: D 🗳️

Question #882 Topic 1

Which port type does a lightweight AP use to connect to the wired network when it is configured in local mode?

  • A. EtherChannel
  • B. access
  • C. LAG
  • D. trunk
Reveal Solution Hide Solution   Discussion   6

Correct Answer: A 🗳️

Question #883 Topic 1

Which step immediately follows receipt of the EAP success message when session resumption is disabled for an EAP-TLS connection?

  • A. PMKID caching
  • B. four-way handshake
  • C. 802.1X authentication
  • D. EAPOL-key frame
Reveal Solution Hide Solution   Discussion   8

Correct Answer: C 🗳️

Question #884 Topic 1



Refer to the exhibit. All interfaces are in the same VLAN. All switches are configured with the default STP priorities. During the STP elections, which switch becomes the root bridge?

  • A. MDF-DC-1: 08:E0:43:42:70:13
  • B. MDF-DC-2: 08:0E:18:22:05:97
  • C. MDF-DC-4: 08:E0:19:A1:B3:19
  • D. MDF-DC-3: 08:0E:18:1A:3C:9D
Reveal Solution Hide Solution   Discussion   6

Correct Answer: D 🗳️

Question #885 Topic 1

What are two port types used by a Cisco WLC for out-of-band management? (Choose two.)

  • A. service
  • B. console
  • C. management
  • D. distribution system
  • E. redundant
Reveal Solution Hide Solution   Discussion   4

Correct Answer: AB 🗳️

Question #886 Topic 1

What is a reason to implement LAG on a Cisco WLC?

  • A. Allow for stateful failover between WLCs.
  • B. Increase security by encrypting management frames.
  • C. Increase the available throughput on the link.
  • D. Enable the connected switch ports to use different Layer 2 configurations.
Reveal Solution Hide Solution   Discussion   9

Correct Answer: A 🗳️

Question #887 Topic 1

A wireless access point is needed and must meet these requirements:
• “zero-touch” deployed and managed by a WLC
• process only real-time MAC functionality
• used in a split-MAC architecture

Which access point type must be used?

  • A. mesh
  • B. autonomous
  • C. lightweight
  • D. cloud-based
Reveal Solution Hide Solution   Discussion   1

Correct Answer: C 🗳️

Question #888 Topic 1

Which interface is used for out-of-band management on a WLC?

  • A. management
  • B. virtual
  • C. dynamic
  • D. service port
Reveal Solution Hide Solution   Discussion   1

Correct Answer: D 🗳️

Question #889 Topic 1



Refer to the exhibit. How does SW2 interact with other switches in this VTP domain?

  • A. It transmits and processes VTP updates from any VTP clients on the network on its trunk ports.
  • B. It processes VTP updates from any VTP clients on the network on its access ports.
  • C. It receives updates from all VTP servers and forwards all locally configured VLANs out all trunk ports.
  • D. It forwards only the VTP advertisements that it receives on its trunk ports.
Reveal Solution Hide Solution   Discussion   4

Correct Answer: D 🗳️

Question #890 Topic 1

A network engineer is upgrading a small data center to host several new applications, including server backups that are expected to account for up to 90% of the bandwidth during peak times. The data center connects to the MPLS network provider via a primary circuit and a secondary circuit. How does the engineer inexpensively update the data center to avoid saturation of the primary circuit by traffic associated with the backups?

  • A. Assign traffic from the backup servers to a dedicated switch.
  • B. Place the backup servers in a dedicated VLAN.
  • C. Advertise a more specific route for the backup traffic via the secondary circuit.
  • D. Configure a dedicated circuit for the backup traffic.
Reveal Solution Hide Solution   Discussion   5

Correct Answer: C 🗳️

Question #891 Topic 1



Refer to the exhibit. A network engineer started to configure two directly-connected routers as shown. Which command sequence must the engineer configure on R2 so that the two routers become OSPF neighbors?

  • A. interface GigabitEthernet0/1
    ip ospf 1 area 1
  • B. router ospf 1
    network 192.168.12.1 0.0.0.0 area 1
  • C. interface GigabitEthernet0/1
    ip ospf 1 area 0
  • D. router ospf 1
    network 192.168.12.0 0.0.0.127 area 0
Reveal Solution Hide Solution   Discussion   21

Correct Answer: D 🗳️

Question #892 Topic 1



Refer to the exhibit. What does route 10.0.1.3/32 represent in the routing table?

  • A. all hosts in the 10.0.1.0 subnet
  • B. a single destination address
  • C. the source 10.0.1.100
  • D. the 10.0.0.0 network
Reveal Solution Hide Solution   Discussion  

Correct Answer: B 🗳️

Question #893 Topic 1



Refer to the exhibit. Router R14 is in the process of being configured. Which configuration must be used to establish a host route to a PC 10?

  • A. ip route 10.80.65.10 255.255.255.254 10.80.65.1
  • B. ip route 10.80.65.10 255.255.255.255 10.73.65.66
  • C. ip route 10.73.65.66 0.0.0.255 10.80.65.10
  • D. ip route 10.73.65.66 255.0.0.0 10.80.65.10
Reveal Solution Hide Solution   Discussion   18

Correct Answer: D 🗳️

Question #894 Topic 1



Refer to the exhibit. Which next-hop IP address has the least desirable metric when sourced from R1?

  • A. 10.10.10.4
  • B. 10.10.10.5
  • C. 10.10.10.3
  • D. 10.10.10.2
Reveal Solution Hide Solution   Discussion   15

Correct Answer: B 🗳️

Question #895 Topic 1



Refer to the exhibit. The New York router must be configured so that traffic to 2000::1 is sent primarily via the Atlanta site, with a secondary path via Washington that has an administrative distance of 2. Which two commands must be configured on the New York router? (Choose two.)

  • A. ipv6 route 2000::1/128 2012::1
  • B. ipv6 route 2000::1/128 2012::1 5
  • C. ipv6 route 2000::1/128 2012::2
  • D. ipv6 route 2000::1/128 2023::2 5
  • E. ipv6 route 2000::1/128 2023::3 2
Reveal Solution Hide Solution   Discussion  

Correct Answer: AE 🗳️

Question #896 Topic 1



Refer to the exhibit. The primary route across Gi0/0 is configured on both routers. A secondary route must be configured to establish connectivity between the workstation networks. Which command set must be configured to complete this task?

  • A. R1 -
    ip route 172.16.2.0 255.255.255.248 172.16.0.5 110

    R2 -
    ip route 172.16.1.0 255.255.255.0 172.16.0.6 110
  • B. R1 -
    ip route 172.16.2.0 255.255.255.240 172.16.0.2 113

    R2 -
    ip route 172.16.1.0 255.255.255.0 172.16.0.1 114
  • C. R1 -
    ip route 172.16.2.0 255.255.255.224 172.16.0.6 111

    R2 -
    ip route 172.16.1.0 255.255.255.0 172.16.0.5 112
  • D. R1 -
    ip route 172.16.2.0 255.255.255.240 172.16.0.5 89

    R2 -
    ip route 172.16.1.0 255.255.255.0 172.16.0.6 89
Reveal Solution Hide Solution   Discussion   3

Correct Answer: C 🗳️

Question #897 Topic 1

DRAG DROP
-



Refer to the exhibit. Drag and drop the destination IPs from the left pnto the paths to reach those destinations on the right.

Reveal Solution Hide Solution   Discussion   6

Correct Answer:

Question #898 Topic 1



Refer to the exhibit. Which two values does router R1 use to determine the best path to reach destinations in network 1.0.0.0/8? (Choose two.)

  • A. lowest cost to reach the next hop
  • B. highest administrative distance
  • C. lowest metric
  • D. highest metric
  • E. longest prefix match
Reveal Solution Hide Solution   Discussion   11

Correct Answer: BC 🗳️

Question #899 Topic 1



Refer to the exhibit. A public IPv6 address must be configured for internet access. Which command must be configured on the R2 WAN interface to the service provider?

  • A. ipv6 address fe80::/10
  • B. ipv6 address 2001:db8:433:37:7710:ffff:ffff:ffff/64 anycast
  • C. ipv6 address 2001:db8:123:45::4/64
  • D. ipv6 address fe80::260:3EFF:FE11:6770 link-local
Reveal Solution Hide Solution   Discussion   2

Correct Answer: C 🗳️

Question #900 Topic 1

DRAG DROP
-



Refer to the exhibit. Drag and drop the subnet masks from the left onto the corresponding subnets on the right. Not all subnet masks are used.

Reveal Solution Hide Solution   Discussion   12

Correct Answer:

Question #901 Topic 1



Refer to the exhibit. A network engineer must configure router R1 with a host route to the server. Which command must the engineer configure?

  • A. R1(config)#ip route 10.10.10.10 255.255.255.255 192.168.0.2
  • B. R1(config)#ip route 10.10.10.0 255.255.255.0 192.168.0.2
  • C. R1(config)#ip route 0.0.0.0 0.0.0.0 192.168.0.2
  • D. R1(config)#ip route 192.168.0.2 255.255.255.255 10.10.10.10
Reveal Solution Hide Solution   Discussion   4

Correct Answer: A 🗳️

Question #902 Topic 1



Refer to the exhibit. IPv6 is being implemented within the enterprise. The command ipv6 unicast-routing is configured. Interface Gig0/0 on R1 must be configured to provide a dynamic assignment using the assigned IPv6 block. Which command accomplishes this task?

  • A. ipv6 address 2001:DB8:FFFF:FCF3::64 link-local
  • B. ipv6 address 2001:DB8:FFFF:FCF3::1/64
  • C. ipv6 address 2001:DB8:FFFF:FCF3::64 eui-64
  • D. ipv6 address autoconfig 2001:DB8:FFFF:FCF2::/64
Reveal Solution Hide Solution   Discussion   8

Correct Answer: C 🗳️

Question #903 Topic 1



Refer to the exhibit. With which metric does router R1 learn the route to host 172.16.0.202?

  • A. 90
  • B. 110
  • C. 32445
  • D. 3184439
Reveal Solution Hide Solution   Discussion   6

Correct Answer: C 🗳️

Question #904 Topic 1



Refer to the exhibit. A network engineer must configure the link with these requirements:
• Consume as few IP addresses as possible.
• Leave at least two additional useable IP addresses for future growth.

Which set of configurations must be applied?

  • A. R1(config-if)#ip address 10.10.10.1 255.255.255.252
    R2(config-if)#ip address 10.10.10.2 255.255.255.252
  • B. R1(config-if)#ip address 10.10.10.1 255.255.255.240
    R2(config-if)#ip address 10.10.10.12 255.255.255.240
  • C. R1(config-if)#ip address 10.10.10.1 255.255.255.248
    R2(config-if)#ip address 10.10.10.4 255.255.255.248
  • D. R1(config-if)#ip address 10.10.10.1 255.255.255.0
    R2(config-if)#ip address 10.10.10.5 255.255.255.0
Reveal Solution Hide Solution   Discussion   16

Correct Answer: A 🗳️

Question #905 Topic 1

DRAG DROP
-

Drag and drop the device behaviors from the left onto the matching HSRP state on the right.

Reveal Solution Hide Solution   Discussion   9

Correct Answer:

Question #906 Topic 1



Refer to the exhibit. A static route must be configured on R86 to forward traffic for the 172.16.34.0/29 network, which resides on R14. Which command must be used to fulfill the request?

  • A. ip route 10.73.65.65 255.255.255.248 172.16.34.0
  • B. ip route 172.16.34.0 255.255.255.248 10.73.65.65
  • C. ip route 172.16.34.0 0.0.0.7 10.73.65.64
  • D. ip route 172.16.34.0 255.255.224.0 10.73.65.66
Reveal Solution Hide Solution   Discussion   16

Correct Answer: D 🗳️

Question #907 Topic 1



Refer to the exhibit. An engineer must configure a floating static route on an external EIGRP network. The destination subnet is the /29 on the LAN interface of R86. Which command must be executed on R14?

  • A. ip route 10.80.65.0 255.255.248.0 10.73.65.66 1
  • B. ip route 10.80.65.0 255.255.255.240 fa0/1 89
  • C. ip route 10.80.65.0 255.255.255.248 10.73.65.66 171
  • D. ip route 10.73.65.66 0.0.0.224 10.80.65.0 255
Reveal Solution Hide Solution   Discussion   1

Correct Answer: C 🗳️

Question #908 Topic 1



Refer to the exhibit. What is the next-hop IP address for R2 so that PC2 reaches the application server via EIGRP?

  • A. 192.168.30.1
  • B. 10.10.10.6
  • C. 10.10.10.5
  • D. 192.168.20.1
Reveal Solution Hide Solution   Discussion   2

Correct Answer: B 🗳️

Question #909 Topic 1

DRAG DROP
-




Reveal Solution Hide Solution   Discussion   7

Correct Answer:

Question #910 Topic 1



Refer to the exhibit. An IPv6 address must be obtained automatically on the LAN interface on R1. Which command must be implemented to accomplish the task?

  • A. ipv6 address autocontig
  • B. ipv6 address dhcp
  • C. ipv6 address fe80::/10
  • D. ipv6 address 2001:db8:d8d2:1008:4332:45:0570::/64
Reveal Solution Hide Solution   Discussion   21

Correct Answer: C 🗳️

Question #911 Topic 1



Refer to the exhibit. A network engineer is updating the configuration on router R1 to connect a new branch office to the company network. R2 has been configured correctly. Which command must the engineer configure so that devices at the new site communicate with the main office?

  • A. ip route 172.25.25.1 255.255.255.255 g0/2
  • B. ip route 172.25.25.0 255.255.255.0 192.168.2.2
  • C. ip route 172.25.25.0 255.255.255.0 192.168.2.1
  • D. ip route 172.25.25.1 255.255.255.255 g0/1
Reveal Solution Hide Solution   Discussion   11

Correct Answer: B 🗳️

Question #912 Topic 1

A network engineer must migrate a router loopback interface to the IPv6 address space. If the current IPv4 address of the interface is 10.54.73.1/32, and the engineer configures IPv6 address 0:0:0:0:0:ffff:a36:4901, which prefix length must be used?

  • A. /64
  • B. /96
  • C. /124
  • D. /128
Reveal Solution Hide Solution   Discussion   9

Correct Answer: B 🗳️

Question #913 Topic 1

A Cisco engineer notices that two OSPF neighbors are connected using a crossover Ethernet cable. The neighbors are taking too long to become fully adjacent. Which command must be issued under the interface configuration on each router to reduce the time required for the adjacency to reach the FULL state?

  • A. ip ospf dead-interval 40
  • B. ip ospf network broadcast
  • C. ip ospf priority 0
  • D. ip ospf network point-to-point
Reveal Solution Hide Solution   Discussion   1

Correct Answer: D 🗳️

Question #914 Topic 1



Refer to the exhibit. PC A is communicating with another device at IP address 10.227.225.255. Through which router does router Y route the traffic?

  • A. router A
  • B. router B
  • C. router C
  • D. router D
Reveal Solution Hide Solution   Discussion   16

Correct Answer: A 🗳️

Question #915 Topic 1



Refer to the exhibit. A packet sourced from 10.10.10.32 is destined for the Internet. What is the administrative distance for the destination route?

  • A. 0
  • B. 1
  • C. 2
  • D. 32
Reveal Solution Hide Solution   Discussion   12

Correct Answer: B 🗳️

Question #916 Topic 1



Refer to the exhibit. Which format matches the Modified EUI-64 IPv6 interface address for the network 2001:db8::/64?

  • A. 2001:db8::5000:00ff:fe04:0000/64
  • B. 2001:db8::4332:5800:41ff:fe06:/64
  • C. 2001:db8::5000:0004:5678:0090/64
  • D. 2001:db8::5200:00ff:fe04:0000/64
Reveal Solution Hide Solution   Discussion   12

Correct Answer: C 🗳️

Question #917 Topic 1

What is the benefit of using FHRP?

  • A. reduced ARP traffic on the network
  • B. balancing traffic across multiple gateways in proportion to their loads
  • C. higher degree of availability
  • D. reduced management overhead on network routers
Reveal Solution Hide Solution   Discussion   4

Correct Answer: C 🗳️

Question #918 Topic 1

Why is a first-hop redundancy protocol implemented?

  • A. to enable multiple switches to operate as a single unit
  • B. to provide load-sharing for a multilink segment
  • C. to prevent loops in a network
  • D. to protect against default gateway failures
Reveal Solution Hide Solution   Discussion   13

Correct Answer: C 🗳️

Question #919 Topic 1



Refer to the exhibit. A network engineer executes the show ip route command on router D. What is the next hop to network 192.168.1.0/24 and why?

  • A. The next hop is 10.0.2.1 because it uses distance vector routing.
  • B. The next hop is 10.0.0.1 because it has a higher metric.
  • C. The next hop is 10.0.2.1 because it is a link-state routing protocol.
  • D. The next hop is 10.0.0.1 because it has a better administrative distance.
Reveal Solution Hide Solution   Discussion   7

Correct Answer: D 🗳️

Question #920 Topic 1

What is a similarity between global and unique local IPv6 addresses?

  • A. They use the same process for subnetting.
  • B. They are part of the multicast IPv6 group type.
  • C. They are routable on the global internet.
  • D. They are allocated by the same organization.
Reveal Solution Hide Solution   Discussion   11

Correct Answer: A 🗳️

Question #921 Topic 1

An engineer must configure the IPv6 address 2001:0db8:0000:0000:0700:0003:400F:572B on the serial0/0 interface of the HQ router and wants to compress it for easier configuration. Which command must be issued on the router interface?

  • A. ipv6 address 2001:db8::700:3:400F:572B
  • B. ipv6 address 2001:db8:0::700:3:4F:572B
  • C. ipv6 address 2001::db8:0000::700:3:400F:572B
  • D. ipv6 address 2001:0db8::7:3:4F:572B
Reveal Solution Hide Solution   Discussion  

Correct Answer: A 🗳️

Question #922 Topic 1



Refer to the exhibit. A packet that is sourced from 172.16.3.254 is destined for the IP address of GigabitEthernet0/0/0. What is the subnet mask of the destination route?

  • A. 0.0.0.0
  • B. 255.255.254.0
  • C. 255.255.255.0
  • D. 255.255.255.255
Reveal Solution Hide Solution   Discussion   16

Correct Answer: C 🗳️

Question #923 Topic 1



Refer to the exhibit. The iPv6 address for the LAN segment on router R2 must be configured using the EUI-64 format. Which address must be used?

  • A. ipv6 address 2001:DB8:D8D2:1009:10A0:ABFF:FECC:1 eui-64
  • B. ipv6 address 2001:DB8:D8D2:1009:1230:ABFF:FECC:1 eui-64
  • C. ipv6 address 2001:DB8:D8D2:1009:4331:89FF:FF23:9 eui-64
  • D. ipv6 address 2001:DB8:D8D2:1009:12A0:AB34:FFCC:1 eui-64
Reveal Solution Hide Solution   Discussion   6

Correct Answer: B 🗳️

Question #924 Topic 1



Refer to the exhibit. According to the output, which parameter set is validated using the routing table of R7?

  • A. R7 is missing a gateway of last resort.
    R7 is receiving routes that were redistributed in EIGRP.
    R7 will forward traffic destined to 10.90.8.0/24.
  • B. R7 has a gateway of last resort available.
    R7 is receiving routes that were redistributed from BGP.
    R7 will drop traffic destined to 10.90.8.0/24.
  • C. R7 is missing a gateway of last resort.
    R7 is receiving routes that were redistributed from BGP.
    R7 will forward traffic destined to 10.90.8.0/24.
  • D. R7 has a gateway of last resort available.
    R7 is receiving routes that were redistributed in EIGRP.
    R7 will drop traffic destined to 10.90.8.0/24.
Reveal Solution Hide Solution   Discussion   11

Correct Answer: B 🗳️

Question #925 Topic 1

Which type of IPv4 address type helps to conserve the globally unique address classes?

  • A. loopback
  • B. multicast
  • C. private
  • D. public
Reveal Solution Hide Solution   Discussion  

Correct Answer: C 🗳️

Question #926 Topic 1

What are two purposes of HSRP? (Choose two.)

  • A. It provides a mechanism for diskless clients to autoconfigure their IP parameters during boot.
  • B. It improves network availability by providing redundant gateways.
  • C. It groups two or more routers to operate as one virtual router.
  • D. It passes configuration information to hosts in a TCP/IP network.
  • E. It helps hosts on the network to reach remote subnets without a default gateway.
Reveal Solution Hide Solution   Discussion   1

Correct Answer: BC 🗳️

Question #927 Topic 1

What are two benefits for using private IPv4 addressing? (Choose two.)

  • A. They allow for Internet access from IoT devices.
  • B. They alleviate the shortage of public IPv4 addresses.
  • C. They provide a layer of security from internet threats.
  • D. They supply redundancy in the case of failure.
  • E. They offer Internet connectivity to endpoints on private networks.
Reveal Solution Hide Solution   Discussion   1

Correct Answer: BC 🗳️

Question #928 Topic 1

DRAG DROP
-



Refer to the exhibit. OSPF is running between site A and site B. Drag and drop the destination IPs from the left onto the network segments used to reach the destination on the right.

Reveal Solution Hide Solution   Discussion   4

Correct Answer:

Question #929 Topic 1



Refer to the exhibit. Routers R1 and R2 are configured with RIP as the dynamic routing protocol. A network engineer must configure R1 with a floating static route to service as a backup route to network 192.168.23. which command must the engineer configure on R1?

  • A. ip route 192.168.23.0 255.255.255.0 192.168,13.3 100
  • B. ip route 192.168.23.0 255.255.255.255 192.168.13.3 121
  • C. ip route 192.168.23.0 255.255.255.0 192.168.13.3 121
  • D. ip route 192.168.23.0 255.255.255.0 192.168.13.3
Reveal Solution Hide Solution   Discussion   1

Correct Answer: C 🗳️

Question #930 Topic 1

When deploying a new network that includes both Cisco and third-party network devices, which redundancy protocol avoids the interruption of network traffic if the default gateway router fails?

  • A. VRRP
  • B. FHRP
  • C. GLBP
  • D. HSRP
Reveal Solution Hide Solution   Discussion   3

Correct Answer: A 🗳️

Question #931 Topic 1

What are two benefits of private IPv4 addressing? (Choose two.)

  • A. propagates routing information to WAN links
  • B. provides unlimited address ranges
  • C. reuses addresses at multiple sites
  • D. conserves globally unique address space
  • E. provides external internet network connectivity
Reveal Solution Hide Solution   Discussion  

Correct Answer: CD 🗳️

Question #932 Topic 1

Which Cisco proprietary protocol ensures traffic recovers immediately, transparently, and automatically when edge devices or access circuits fail?

  • A. FHRP
  • B. VRRP
  • C. HSRP
  • D. SLB
Reveal Solution Hide Solution   Discussion   7

Correct Answer: C 🗳️

Question #933 Topic 1



Refer to the exhibit. Which entry is the longest prefix match for host IP address 192.168.10.5?

  • A. 1
  • B. 2
  • C. 3
  • D. 4
Reveal Solution Hide Solution   Discussion   1

Correct Answer: B 🗳️

Question #934 Topic 1



Refer to the exhibit. How does router R1 handle traffic to 172.16.1.4 /30 subnet?

  • A. It sends all traffic over the path via 172.16.9.5 using 172.16.4.4 as a backup.
  • B. It sends all traffic over the path via 10.0.1.100.
  • C. It sends all traffic over the path via 172.16.4.4.
  • D. It load-balances traffic over 172.16.9.5 and 172.16.4.4
Reveal Solution Hide Solution   Discussion  

Correct Answer: D 🗳️

Question #935 Topic 1

Which two IPv6 addresses are used to provide connectivity between two routers on a shared link? (Choose two.)

  • A. FF02::0001:FF00:0000/104
  • B. ff06:bb43:cc13:dd16:1bb:ff14:7545:234d
  • C. 2002::512:1204b:1111::1/64
  • D. 2001:701:104b:1111::1/64
  • E. ::ffff:10.14.101.1/96
Reveal Solution Hide Solution   Discussion   11

Correct Answer: CD 🗳️

Question #936 Topic 1

DRAG DROP
-



Refer to the exhibit. Drag and drop the learned prefixes from the left onto the subnet masks on the right.

Reveal Solution Hide Solution   Discussion   2

Correct Answer:

Question #937 Topic 1



Refer to the exhibit. Which action is taken by the router when a packet is sourced from 10.10.10.2 and destined for 10.10.10.16?

  • A. It floods packets to all learned next hops.
  • B. It uses a route that is similar to the destination address.
  • C. It queues the packets waiting for the route to be learned.
  • D. It discards the packets.
Reveal Solution Hide Solution   Discussion   5

Correct Answer: D 🗳️

Question #938 Topic 1

DRAG DROP
-



Refer to the exhibit. The Router1 routing table has multiple methods to reach 10.10.10.0/24 as shown. The default Administrative Distance is used. Drag and drop the network conditions from the left onto the routing methods that Router1 uses on the right.

Reveal Solution Hide Solution   Discussion   7

Correct Answer:

Question #939 Topic 1

An engineer must configure a core router with a floating static default route to the backup router at 10.200.0.2. Which command meets the requirements?

  • A. ip route 0.0.0.0 0.0.0.0 10.200.0.2 1
  • B. ip route 0.0.0.0 0.0.0.0 10.200.0.2 10
  • C. ip route 0.0.0.0 0.0.0.0 10.200.0.2
  • D. ip route 0.0.0.0 0.0.0.0 10.200.0.2 floating
Reveal Solution Hide Solution   Discussion   3

Correct Answer: B 🗳️

Question #940 Topic 1



Refer to the exhibit. After configuring a new static route on the CPE, the engineer entered this series of commands to verify that the new configuration is operating normally. When is the static default route installed into the routing table?

  • A. when a route to 203.0.113.1 is learned via BGP
  • B. when 203.0.113.1 is no longer reachable as a next hop
  • C. when the default route learned over external BGP becomes invalid
  • D. when the default route learned over external BGP changes its next hop
Reveal Solution Hide Solution   Discussion   1

Correct Answer: C 🗳️

Question #941 Topic 1



Refer to the exhibit. Packets are flowing from 192.168.10.1 to the destination at IP address 192.168.20.75. Which next hop will the router select for the packet?

  • A. 10.10.10.1
  • B. 10.10.10.11
  • C. 10.10.10.12
  • D. 10.10.10.14
Reveal Solution Hide Solution   Discussion   15

Correct Answer: B 🗳️

Question #942 Topic 1

A router received three destination prefixes: 10.0.0.0/8, 10.0.0.0/16, and 10.0.0.0/24. When the show ip route command is executed, which output does it return?

  • A. Gateway of last resort is 172.16.1.1 to network 0.0.0.0
    o E2 10.0.0.0/8 [110/5] via 192.168.1.1, 0:01:00, Ethernet0
    o E2 10.0.0.0/16[110/5] via 192.168.2.1, 0:01:00, Ethernet1
    o E2 10.0.0.0/24[110/5] via 192.168.3.1, 0:01:00, Ethernet2
  • B. Gateway of last resort is 172.16.1.1 to network 0.0.0.0
    o E2 10.0.0.0/8 [110/5] via 192.168.1.1, 0:01:00, Ethernet0
  • C. Gateway of last resort is 172.16.1.1 to network 0.0.0.0
    o E2 10.0.0.0/24[110/5] via 192.168.3.1, 0:01:00, Ethernet2
  • D. Gateway of last resort is 172.16.1.1 to network 0.0.0.0
    o E2 10.0.0.0/16[110/5] via 192.168.2.1, 0:01:00, Ethernet1
    o E2 10.0.0.0/24[110/5] via 192.168.3.1, 0:01:00, Ethernet2
Reveal Solution Hide Solution   Discussion   8

Correct Answer: A 🗳️

Question #943 Topic 1



Refer to the exhibit. User traffic originating within site B is failing to reach an application hosted on IP address 192.168.0.10, which is located within site A. What is determined by the routing table?

  • A. The traffic is blocked by an implicit deny in an ACL on router2.
  • B. The lack of a default route prevents delivery of the traffic.
  • C. The traffic to 192.168.0.10 requires a static route to be configured in router1.
  • D. The default gateway for site B is configured incorrectly.
Reveal Solution Hide Solution   Discussion   7

Correct Answer: D 🗳️

Question #944 Topic 1



Refer to the exhibit. Which two values does router R1 use to identify valid routes for the R3 loopback address 1.1.1.3/32? (Choose two.)

  • A. lowest cost to reach the next hop
  • B. highest administrative distance
  • C. lowest metric
  • D. highest metric
  • E. lowest administrative distance
Reveal Solution Hide Solution   Discussion   8

Correct Answer: CE 🗳️

Question #945 Topic 1

What is the role of community strings in SNMP operations?

  • A. It translates alphanumeric MIB output values to numeric values.
  • B. It passes the Active Directory username and password that are required for device access.
  • C. It serves as a sequence tag on SNMP traffic messages.
  • D. It serves as a password to protect access to MIB objects.
Reveal Solution Hide Solution   Discussion   7

Correct Answer: D 🗳️

Question #946 Topic 1

Which syslog severity level is considered the most severe and results in the system being considered unusable?

  • A. Error
  • B. Emergency
  • C. Alert
  • D. Critical
Reveal Solution Hide Solution   Discussion   2

Correct Answer: B 🗳️

Question #947 Topic 1

The clients and DHCP server reside on different subnets. Which command must be used to forward requests and replies between clients on the 10.10.0.1/24 subnet and the DHCP server at 192.168.10.1?

  • A. ip route 192.168.10.1
  • B. ip dhcp address 192.168.10.1
  • C. ip default-gateway 192.168.10.1
  • D. ip helper-address 192.168.10.1
Reveal Solution Hide Solution   Discussion   3

Correct Answer: D 🗳️

Question #948 Topic 1



Refer to the exhibit. Which command set configures ROUTER-1 to allow Internet access for users on the 192.168.1.0/24 subnet while using 209.165.202.129 for Port Address Translation?

  • A. ip nat pool CCNA 192.168.0.0 192.168.1.255 netmask 255.255.255.0

    access-list 10 permit 192.168.0.0 0.0.0.255
    ip nat inside source list 10 pool CCNA overload
  • B. ip nat pool CCNA 209.165.202.129 209.165.202.129 netmask 255.255.255.255

    access-list 10 permit 192.168.1.0 255.255.255.0
    ip nat inside source list 10 pool CCNA overload
  • C. ip nat pool CCNA 192.168.0.0 192.168.1.255 netmask 255.255.255.0

    access-list 10 permit 192.168.0.0 255.255.255.0
    ip nat inside source list 10 pool CCNA overload
  • D. ip nat pool CCNA 209.165.202.129 209.165.202.129 netmask 255.255.255.255

    access-list 10 permit 192.168.1.0 0.0.0.255
    ip nat inside source list 10 pool CCNA overload
Reveal Solution Hide Solution   Discussion   8

Correct Answer: A 🗳️

Question #949 Topic 1

Which IP header field is changed by a Cisco device when QoS marking is enabled?

  • A. ECN
  • B. Header Checksum
  • C. Type of Service
  • D. DSCP
Reveal Solution Hide Solution   Discussion   15

Correct Answer: B 🗳️

Question #950 Topic 1

DRAG DROP
-

Drag and drop the SNMP components from the left onto the descriptions on the right.

Reveal Solution Hide Solution   Discussion   3

Correct Answer:

Question #951 Topic 1

Which DSCP per-hop forwarding behavior is divided into subclasses based on drop probability?

  • A. expedited
  • B. default
  • C. assured
  • D. class-selector
Reveal Solution Hide Solution   Discussion   5

Correct Answer: A 🗳️

Question #952 Topic 1

What are two features of the DHCP relay agent? (Choose two.)

  • A. assigns DNS locally and then forwards request to DHCP server
  • B. minimizes the necessary number of DHCP servers
  • C. permits one IP helper command under an individual Layer 3 interface
  • D. is configured under the Layer 3 interface of a router on the client subnet
  • E. allows only MAC-to-IP reservations to determine the local subnet of a client
Reveal Solution Hide Solution   Discussion   11

Correct Answer: AB 🗳️

Question #953 Topic 1

A DHCP pool has been created with the name CONTROL. The pool uses the next to last usable IP address as the default gateway for the DHCP clients. The server is located at 172.16.32.15. What is the next step in the process for clients on the 192.168.52.0/24 subnet to reach the DHCP server?

  • A. ip helper-address 172.16.32.15
  • B. ip default-gateway 192.168.52.253
  • C. ip forward-protocol udp 137
  • D. ip detault-network 192.168.52.253
Reveal Solution Hide Solution   Discussion   12

Correct Answer: B 🗳️

Question #954 Topic 1

Which two transport layer protocols carry syslog messages? (Choose two.)

  • A. IP
  • B. RTP
  • C. TCP
  • D. UDP
  • E. ARP
Reveal Solution Hide Solution   Discussion   3

Correct Answer: CD 🗳️

Question #955 Topic 1

What is the purpose of classifying network traffic in QoS?

  • A. configures traffic-matching rules on network devices
  • B. services traffic according to its class
  • C. identifies the type of traffic that will receive a particular treatment
  • D. writes the class identifier of a packet to a dedicated field in the packet header
Reveal Solution Hide Solution   Discussion   1

Correct Answer: C 🗳️

Question #956 Topic 1

DRAG DROP
-

Drag and drop the Qos features from the left onto the corresponding statements on the right.

Reveal Solution Hide Solution   Discussion   9

Correct Answer:

Question #957 Topic 1



Refer to the exhibit. Which configuration enables DHCP addressing for hosts connected to interface FastEthernet0/1 on router R3?

  • A. interface FastEthernet0/1
    ip helper-address 10.0.1.1
    !
    access-list 100 permit tcp host 10.0.1.1 eq 67 host 10.148.2.1
  • B. interface FastEthernet0/1
    ip helper-address 10.0.1.1
    !
    access-list 100 permit udp host 10.0.1.1 eq 67 host 10.148.2.1
  • C. interface FastEthernet0/0
    ip helper-address 10.0.1.1
    !
    access-list 100 permit host 10.0.1.1 host 10.148.2.1 eq bootps
  • D. interface FastEthernet0/1
    ip helper-address 10.0.1.1
    !
    access-list 100 permit udp host 10.0.1.1 eq bootps host 10.148.2.1
Reveal Solution Hide Solution   Discussion   6

Correct Answer: B 🗳️

Question #958 Topic 1

DRAG DROP
-

Drag and drop the steps in a standard DNS lookup operation from the left into the order on the right.

Reveal Solution Hide Solution   Discussion   2

Correct Answer:

Question #959 Topic 1

Which two features introduced in SNMPv2 provide the ability to retrieve large amounts of data in one request and acknowledge a trap using PDUs? (Choose two.)

  • A. Get
  • B. GetNext
  • C. Set
  • D. GetBulk
  • E. Inform
Reveal Solution Hide Solution   Discussion   5

Correct Answer: DE 🗳️

Question #960 Topic 1

DRAG DROP
-

Drag and drop the DNS commands from the left onto their effects on the right.

Reveal Solution Hide Solution   Discussion   1

Correct Answer:

Question #961 Topic 1

What is the purpose of configuring different levels of syslog for different devices on the network?

  • A. to set the severity of syslog messages from each device
  • B. to control the number of syslog messages from different devices that are stored locally
  • C. to identify the source from which each syslog message originated
  • D. to rate-limit messages for different severity levels from each device
Reveal Solution Hide Solution   Discussion   9

Correct Answer: A 🗳️

Question #962 Topic 1



Refer to the exhibit. The DHCP server is configured with a DHCP pool for each of the subnets represented. Which command must be configured on switch SW1 to allow DHCP clients on VLAN 10 to receive dynamic IP addresses from the DHCP server?

  • A. SW1(config-if)#ip helper-address 192.168.10.1
  • B. SW1(config-if)#ip helper-address 192.168.20.1
  • C. SW1(config-if)#ip helper-address 192.168.20.2
  • D. SW1(config-if)#ip helper-address 192.168.10.2
Reveal Solution Hide Solution   Discussion   7

Correct Answer: C 🗳️

Question #963 Topic 1

DRAG DROP
-

Drag and drop the DNS lookup commands from the left onto the functions on the right.

Reveal Solution Hide Solution   Discussion   1

Correct Answer:

Question #964 Topic 1

Refer to the exhibit. Which minimum configuration items are needed to enable Secure Shell version 2 access to R15?

  • A. Router(config)#hostname R15 -
    R15(config)#ip domain-name cisco.com
    R15(config)#crypto key generate rsa general-keys modulus 1024

    R15(config)#ip ssh version 2 -

    R15(config-line)#line vty 0 15 -
    R15(config-line)# transport input ssh
  • B. Router(config)#crypto key generate rsa general-keys modulus 1024

    Router(config)#ip ssh version 2 -
    Router(config-line)#line vty 015
    Router(config-line)# transport input ssh
    Router(contig)#ip ssh logging events
    R15(config)#ip ssh stricthostkeycheck
  • C. Router(config)#hostname R15 -
    R15(config)#crypto key generate rsa general-keys modulus 1024

    R15(config-line)#line vty 0 15 -
    R15(config-line)# transport input ssh
    R15(config)#ip ssh source-interface Fa0/0
    R15(config)#ip ssh stricthostkeycheck
  • D. Router(config)#ip domain-name cisco.com
    Router(config)#crypto key generate rsa general-keys modulus 1024

    Router(contig)#ip ssh version 2 -
    Router(config-line)#line vty 0 15
    Router(config-line)# transport input all
    Router(config)#ip ssh logging events
Reveal Solution Hide Solution   Discussion   8

Correct Answer: A 🗳️

Question #965 Topic 1

hostname CPE
service password-encryption

ip domain name ccna.cisco.com
ip name-server 198.51.100.210

crypto key generate rsa modulus 1024

username admin privilege 15 secret s0m3s3cr3t

line vty 0 4
transport input ssh
login local

Refer to the exhibit. An engineer executed the script and added commands that were not necessary for SSH and now must remove the commands. Which two commands must be executed to correct the configuration? (Choose two.)

  • A. no ip name-serveer 198.51.100.210
  • B. no login local
  • C. no service password-encryption
  • D. no ip domain mame ccna.cisco.com
  • E. no hostname CPE
Reveal Solution Hide Solution   Discussion   8

Correct Answer: AB 🗳️

Question #966 Topic 1

Which two actions are taken as the result of traffic policing? (Choose two.)

  • A. bursting
  • B. dropping
  • C. remarking
  • D. fragmentation
  • E. buffering
Reveal Solution Hide Solution   Discussion   8

Correct Answer: AE 🗳️

Question #967 Topic 1

Which two server types support domain name to IP address resolution? (Choose two.)

  • A. authoritative
  • B. web
  • C. file transfer
  • D. resolver
  • E. ESX host
Reveal Solution Hide Solution   Discussion   5

Correct Answer: BD 🗳️

Question #968 Topic 1

What is a purpose of traffic shaping?

  • A. It enables policy-based routing.
  • B. It enables dynamic flow identification.
  • C. It provides best-effort service.
  • D. It limits bandwidth usage.
Reveal Solution Hide Solution   Discussion   5

Correct Answer: D 🗳️

Question #969 Topic 1

An engineering team asks an implementer to configure syslog for warning conditions and error conditions. Which command does the implementer configure to achieve the desired result?

  • A. logging trap 5
  • B. logging trap 2
  • C. logging trap 3
  • D. logging trap 4
Reveal Solution Hide Solution   Discussion   8

Correct Answer: D 🗳️

Question #970 Topic 1

DRAG DROP
-

Drag and drop the attack-mitigation techniques from the left onto the types of attack that they mitigate on the right.

Reveal Solution Hide Solution   Discussion   6

Correct Answer:

Question #971 Topic 1

Which WLC management connection type is vulnerable to man-in-the-middle attacks?

  • A. console
  • B. Telnet
  • C. SSH
  • D. HTTPS
Reveal Solution Hide Solution   Discussion   3

Correct Answer: B 🗳️

Question #972 Topic 1



Refer to the exhibit. An engineer booted a new switch and applied this configuration via the console port. Which additional configuration must be applied to allow administrators to authenticate directly to global configuration mode via Telnet using a local username and password?

  • A. R1(config)#username admin -

    R1(config-if)#line vty 0 4 -
    R1(config-line)#password p@ss1234
    R1(config-line)#transport input telnet
  • B. R1(config)#username admin privilege 15 secret p@ss1234

    R1(config-if)#line vty 0 4 -
    R1(config-line)#login local
  • C. R1(config)#username admin secret p@ss1234

    R1(config-if)#line vty 0 4 -

    R1(config-line)#login local -
    R1(config)#enable secret p@ss1234
  • D. R1(config)#username admin -

    R1(config-if)#line vty 0 4 -
    R1(config-line)#password p@ss1234
Reveal Solution Hide Solution   Discussion  

Correct Answer: B 🗳️

Question #973 Topic 1

Which type of encryption does WPA1 use for data protection?

  • A. PEAP
  • B. TKIP
  • C. AES
  • D. EAP
Reveal Solution Hide Solution   Discussion   7

Correct Answer: C 🗳️

Question #974 Topic 1



Refer to the exhibit. A network administrator must permit traffic from the 10.10.0.0/24 subnet to the WAN on interface Serial0. What is the effect of the configuration as the administrator applies the command?

  • A. The router accepts all incoming traffic to Serial0 with the last octet of the source IP set to 0.
  • B. The permit command fails and returns an error code.
  • C. The router fails to apply the access list to the interface.
  • D. The sourced traffic from IP range 10.0.0.0 - 10.0.0.255 is allowed on Serial0.
Reveal Solution Hide Solution   Discussion   9

Correct Answer: B 🗳️

Question #975 Topic 1

DRAG DROP
-

Drag and drop the statements about AAA services from the left to the corresponding AAA services on the right. Not all options are used.

Reveal Solution Hide Solution   Discussion   2

Correct Answer:

Question #976 Topic 1

A network engineer must configure an access list on a new Cisco IOS router. The access list must deny HTTP traffic to network 10.125.128.32/27 from the 192.168.240.0/20 network, but it must allow the 192.168.240.0/20 network to reach the rest of the 10.0.0.0/8 network. Which configuration must the engineer apply?

  • A. ip access-list extended deny_outbound
    10 permit ip 192.168.240.0 255.255.240.0 10.0.0.0 255.0.0.0
    20 deny tcp 192.168.240.0 255.255.240.0 10.125.128.32 255.255.255.224 eq 443
    30 permit ip any any
  • B. ip access-list extended deny_outbound
    10 deny tcp 192.168.240.0 0.0.15.255 10.125.128.32 0.0.0.31 eq 80
    20 permit ip 192.168.240.0 0.0.15.255 10.0.0.0 0.255.255.255
    30 deny ip any any log
  • C. ip access-list extended deny_outbound
    10 deny tcp 10.125.128.32 255.255.255.224 192.168.240.0 255.255.240.0 eq 443
    20 deny tcp 192.168.240.0 255.255.240.0 10.125.128.32 255.255.255.224 eq 443
    30 permit ip 192.168.240.0 255.255.240.0 10.0.0.0 255.0.0.0
  • D. ip access-list extended deny_outbound
    10 deny tcp 192.168.240.0 0.0.15.255 any eq 80
    20 deny tcp 192.168.240.0 0.0.15.255 10.125.128.32 0.0.0.31 eq 80
    30 permit ip 192.168.240.0 0.0.15.255 10.0.0.0 0.255.255.255
Reveal Solution Hide Solution   Discussion   2

Correct Answer: B 🗳️

Question #977 Topic 1

What is the definition of backdoor malware?

  • A. malicious code that is installed onto a computer to allow access by an unauthorized user
  • B. malicious program that is used to launch other malicious programs
  • C. malicious code that infects a user machine and then uses that machine to send spam
  • D. malicious code with the main purpose of downloading other malicious code
Reveal Solution Hide Solution   Discussion   4

Correct Answer: C 🗳️

Question #978 Topic 1

What does WPA3 provide in wireless networking?

  • A. backward compatibility with WPA and WPA2
  • B. safeguards against brute force attacks with SAE
  • C. increased security and requirement of a complex configuration
  • D. optional Protected Management Frame negotiation
Reveal Solution Hide Solution   Discussion   1

Correct Answer: B 🗳️

Question #979 Topic 1

Which global command encrypts all passwords in the running configuration?

  • A. service password-encryption
  • B. enable password-encryption
  • C. enable secret
  • D. password-encrypt
Reveal Solution Hide Solution   Discussion   1

Correct Answer: A 🗳️

Question #980 Topic 1



Refer to the exhibit. A network administrator is configuring a router for user access via SSH. The service-password encryption command has been issued. The configuration must meet these requirements:

• Create the username as CCUser.
• Create the password as NA!2$cc.
• Encrypt the user password.

What must be configured to meet the requirements?

  • A. username CCUser privilege 10 password NA!2$cc
  • B. username CCUser privilege 15 password NA!2$cc
    enable secret 0 NA!2$cc
  • C. username CCUser secret NA!2Sce
  • D. username CCUser password NA!2$cc
    enable password level 5 NA!2$cc
Reveal Solution Hide Solution   Discussion   9

Correct Answer: C 🗳️

Question #981 Topic 1



Refer to the exhibit. A network engineer started to configure port security on a new switch. These requirements must be met:

• MAC addresses must be learned dynamically.
• Log messages must be generated without disabling the interface when unwanted traffic is seen.

Which two commands must be configured to complete this task? (Choose two.)

  • A. SW(config-if)#switchport port-security violation restrict
  • B. SW(config-if)#switchport port-security mac-address 0010.7B84.45E6
  • C. SW(config-if)#switchport port-security maximum 2
  • D. SW(config-if)#switchport port-security violation shutdown
  • E. SW(config-if)#switchport port-security mac-address sticky
Reveal Solution Hide Solution   Discussion   17

Correct Answer: BC 🗳️

Question #982 Topic 1

Which type of security program is violated when a group of employees enters a building using the ID badge of only one person?

  • A. intrusion detection
  • B. network authorization
  • C. physical access control
  • D. user awareness
Reveal Solution Hide Solution   Discussion   2

Correct Answer: C 🗳️

Question #983 Topic 1

What are two protocols within the IPsec suite? (Choose two.)

  • A. 3DES
  • B. AES
  • C. ESP
  • D. TLS
  • E. AH
Reveal Solution Hide Solution   Discussion   2

Correct Answer: CE 🗳️

Question #984 Topic 1



Refer to the exhibit. Local access for R4 must be established and these requirements must be met:
• Only Telnet access is allowed.
• The enable password must be stored securely.
• The enable password must be applied in plain text.
• Full access to R4 must be permitted upon successful login.

Which configuration script meets the requirements?

  • A. !
    conf t
    !
    username test1 password testpass1
    enable secret level 15 0 Test123
    !
    line vty 0 15
    login local
    transport input telnet
  • B. !
    config t
    !
    username test1 password testpass1
    enable password level 15 0 Test123
    !
    line vty 0 15
    login local
    transport input all
  • C. !
    config t
    !
    username test1 password testpass1
    enable password level 1 7 Test123
    !
    line vty 0 15
    accounting exec default
    transport input all
  • D. !
    config t
    !
    username test1 password testpass1
    enable secret level 1 0 Test123
    !
    line vty 0 15
    login authentication
    password Test123
    transport input telnet
Reveal Solution Hide Solution   Discussion   7

Correct Answer: A 🗳️

Question #985 Topic 1

What is a characteristic of RSA?

  • A. It uses preshared keys for encryption.
  • B. It is an asymmetric encryption algorithm.
  • C. It is a symmetric decryption algorithm.
  • D. It requires both sides to have identical keys for encryption.
Reveal Solution Hide Solution   Discussion   7

Correct Answer: D 🗳️

Question #986 Topic 1

What are two differences between WPA2 and WPA3 wireless security? (Choose two.)

  • A. WPA2 uses 192-bit key encryption, and WPA3 requires 256-bit key encryption.
  • B. WPA3 uses AES for stronger protection than WPA2, which uses SAE.
  • C. WPA2 uses 128-bit key encryption, and WPA3 supports 128-bit and 192-bit key encryption.
  • D. WPA3 uses SAE for stronger protection than WPA2, which uses AES.
  • E. WPA3 uses AES for stronger protection than WPA2, which uses TKIP.
Reveal Solution Hide Solution   Discussion   8

Correct Answer: CD 🗳️

Question #987 Topic 1

What is an enhancement implemented in WPA3?

  • A. applies 802.1x authentication and AES-128 encryption
  • B. employs PKI and RADIUS to identify access points
  • C. uses TKIP and per-packet keying
  • D. defends against deauthentication and disassociation attacks
Reveal Solution Hide Solution   Discussion   1

Correct Answer: D 🗳️

Question #988 Topic 1

Which action must be taken when password protection is implemented?

  • A. Use less than eight characters in length when passwords are complex.
  • B. Include special characters and make passwords as long as allowed.
  • C. Share passwords with senior IT management to ensure proper oversight.
  • D. Store passwords as contacts on a mobile device with single-factor authentication.
Reveal Solution Hide Solution   Discussion  

Correct Answer: B 🗳️

Question #989 Topic 1

DRAG DROP
-

Drag and drop the statements about AAA from the left onto the corresponding AAA services on the right. Not all options are used.

Reveal Solution Hide Solution   Discussion   3

Correct Answer:

Question #990 Topic 1

An engineer must configure R1 for a new user account. The account must meet these requirements:
• It must be configured in the local database.
• The username is engineer2.
• It must use the strongest password configurable.

Which command must the engineer configure on the router?

  • A. R1(config)# username engineer2 privilege 1 password 7 test2021
  • B. R1(config)# username engineer2 secret 4 $1$b1Ju$kZbBS1Pyh4QzwXyZ
  • C. R1(config)# username engineer2 algorithm-type scrypt secret test2021
  • D. R1(config)# username engineer2 secret 5 password $1$b1Ju$kZbBS1Pyh4QzwXyZ
Reveal Solution Hide Solution   Discussion   11

Correct Answer: C 🗳️

Question #991 Topic 1

Which two VPN technologies are recommended by Cisco for multiple branch offices and large-scale deployments? (Choose two.)

  • A. GETVPN
  • B. DMVPN
  • C. site-to-site VPN
  • D. clientless VPN
  • E. IPsec remote access
Reveal Solution Hide Solution   Discussion   5

Correct Answer: AB 🗳️

Question #992 Topic 1

DRAG DROP
-

Drag and drop the statements about AAA services from the left onto the corresponding AAA services on the right. Not all options are used.

Reveal Solution Hide Solution   Discussion   5

Correct Answer:

Question #993 Topic 1

What is a characteristic of RSA?

  • A. It uses preshared keys for encryption.
  • B. It is a public-key cryptosystem.
  • C. It is a private-key encryption algorithm.
  • D. It requires both sides to have identical keys.
Reveal Solution Hide Solution   Discussion   1

Correct Answer: B 🗳️

Question #994 Topic 1

What is used as a solution for protecting an individual network endpoint from attack?

  • A. antivirus software
  • B. wireless controller
  • C. router
  • D. Cisco DNA Center
Reveal Solution Hide Solution   Discussion  

Correct Answer: A 🗳️

Question #995 Topic 1

Which security method is used to prevent man-in-the-middle attacks?

  • A. authentication
  • B. anti-replay
  • C. authorization
  • D. accounting
Reveal Solution Hide Solution   Discussion   7

Correct Answer: B 🗳️

Question #996 Topic 1

Which cipher is supported for wireless encryption only with the WPA2 standard?

  • A. RC4
  • B. AES
  • C. SHA
  • D. AES256
Reveal Solution Hide Solution   Discussion   1

Correct Answer: B 🗳️

Question #997 Topic 1



Refer to the exhibit. This ACL is configured to allow client access only to HTTP, HTTPS, and DNS services via UDP. The new administrator wants to add TCP access to the ONS service. Which configuration updates the ACL efficiently?

  • A. no ip access-list extended Services
    ip access-list extended Services
    30 permit tcp 10.0.0.0 0.255.255.255 host 198.51.100.11 eq domain
  • B. ip access-list extended Services
    35 permit tcp 10.0.0.0 0.255.255.255 host 198.51.100.11 eq domain
  • C. ip access-list extended Services
    permit tcp 10.0.0.0 0.255.255.255 host 198.51.100.11 eq domain
  • D. no ip access-list extended Services
    ip access-list extended Services
    permit udp 10.0.0.0 0.255.255.255 any eq 53
    permit tcp 10.0.0.0 0.255.255.255 host 198.51.100.11 eq domain deny ip any any log
Reveal Solution Hide Solution   Discussion   10

Correct Answer: D 🗳️

Question #998 Topic 1

Which WPA mode uses PSK authenticaton?

  • A. Local
  • B. Personal
  • C. Enterprise
  • D. Client
Reveal Solution Hide Solution   Discussion   2

Correct Answer: B 🗳️

Question #999 Topic 1

An engineer is configuring remote access to a router from IP subnet 10.139.58.0/28. The domain name, crypto keys, and SSH have been configured. Which configuration enables the traffic on the destination router?

  • A. interface FastEthernet0/0
    ip address 10.122.49.1 255.255.255.252
    ip access-group 110 in

    ip access-list extended 110
    permit tcp 10.139.58.0 0.0.0.15 host 10.122.49.1 eq 22
  • B. interface FastEthernet0/0
    ip address 10.122.49.1 255.255.255.240
    access-group 120 in

    ip access-list extended 120
    permit tcp 10.139.58.0 255.255.255.248 any eq 22
  • C. interface FastEthernet0/0
    ip address 10.122.49.1 255.255.255.252
    ip access-group 105 in

    ip access-list standard 105
    permit tcp 10.139.58.0 0.0.0.7 eq 22 host 10.122.49.1
  • D. interface FastEthernet0/0
    ip address 10.122.49.1 255.255.255.248
    ip access-group 10 in

    ip access-list standard 10
    permit udp 10.139.58.0 0.0.0.7 host 10.122.49.1 eq 22
Reveal Solution Hide Solution   Discussion   8

Correct Answer: A 🗳️

Question #1000 Topic 1

To improve corporate security, an organization is planning to implement badge authentication to limit access to the data center. Which element of a security program is being deployed?

  • A. user awareness
  • B. user training
  • C. physical access control
  • D. vulnerability verification
Reveal Solution Hide Solution   Discussion   2

Correct Answer: C 🗳️

Question #1001 Topic 1

DRAG DROP
-

Drag and drop the characteristics of northbound APIs from the left onto any position on the right. Not all characteristics are used.

Reveal Solution Hide Solution   Discussion   4

Correct Answer:

Question #1002 Topic 1

Which benefit does Cisco DNA Center provide over traditional campus management?

  • A. Cisco DNA Center automates HTTPS for secure web access, and traditional campus management uses HTTP.
  • B. Cisco DNA Center leverages SNMPv3 for encrypted management, and traditional campus management uses SNMPv2.
  • C. Cisco DNA Center leverages APIs, and traditional campus management requires manual data gathering.
  • D. Cisco DNA Center automates SSH access for encrypted entry, and SSH is absent from traditional campus management.
Reveal Solution Hide Solution   Discussion   3

Correct Answer: C 🗳️

Question #1003 Topic 1

How does Chef configuration management enforce a required device configuration?

  • A. The Chef Infra Server uses its configured cookbook to push the required configuration to the remote device requesting updates.
  • B. The installed agent on the device connects to the Chef Infra Server and pulls its required configuration from the cookbook.
  • C. The Chef Infra Server uses its configured cookbook to alert each remote device when it is time for the device to pull a new configuration.
  • D. The installed agent on the device queries the Chef Infra Server and the server responds by pushing the configuration from the cookbook.
Reveal Solution Hide Solution   Discussion   11

Correct Answer: D 🗳️

Question #1004 Topic 1

What is the PUT method within HTTP?

  • A. It replaces data at the destination.
  • B. It is a nonidempotent operation.
  • C. It is a read-only operation.
  • D. It displays a web site.
Reveal Solution Hide Solution   Discussion   2

Correct Answer: A 🗳️

Question #1005 Topic 1

Which advantage does the network assurance capability of Cisco DNA Center provide over traditional campus management?

  • A. Cisco DNA Center leverages YANG and NETCONF to assess the status of fabric and nonfabric devices, and traditional campus management uses CLI exclusively.
  • B. Cisco DNA Center handles management tasks at the controller to reduce the load on infrastructure devices, and traditional campus management uses the data backbone.
  • C. Cisco DNA Center automatically compares security postures among network devices, and traditional campus management needs manual comparisons.
  • D. Cisco DNA Center correlates information from different management protocols to obtain insights, and traditional campus management requires manual analysis.
Reveal Solution Hide Solution   Discussion   4

Correct Answer: A 🗳️

Question #1006 Topic 1



Refer to the exhibit. In which structure does the word “warning” directly reside?

  • A. array
  • B. object
  • C. Boolean
  • D. string
Reveal Solution Hide Solution   Discussion   8

Correct Answer: B 🗳️

Question #1007 Topic 1

What is the purpose of a southbound API in a controller-based networking architecture?

  • A. facilitates communication between the controller and the applications
  • B. allows application developers to interact with the network
  • C. integrates a controller with other automation and orchestration tools
  • D. facilitates communication between the controller and the networking hardware
Reveal Solution Hide Solution   Discussion   3

Correct Answer: D 🗳️

Question #1008 Topic 1

DRAG DROP
-

Drag and drop the statements about device management from the left onto the corresponding types on the right.

Reveal Solution Hide Solution   Discussion   5

Correct Answer:

Question #1009 Topic 1

Which two northbound APIs are found in a software-defined network? (Choose two.)

  • A. REST
  • B. OpenFlow
  • C. SOAP
  • D. NETCONF
  • E. OpFlex
Reveal Solution Hide Solution   Discussion   8

Correct Answer: AD 🗳️

Question #1010 Topic 1

Which function generally performed by a traditional network device is replaced by a software-defined controller?

  • A. building route tables and updating the forwarding table
  • B. encapsulation and decapsulation of packets in a data-link frame
  • C. changing the source or destination address during NAT operations
  • D. encryption and decryption for VPN link processing
Reveal Solution Hide Solution   Discussion   7

Correct Answer: D 🗳️

Question #1011 Topic 1

What describes a northbound REST API for SDN?

  • A. network-element-facing interface for GET, POST, PUT, and DELETE methods
  • B. application-facing interface for SNMP GET requests
  • C. application-facing interface for GET, POST, PUT, and DELETE methods
  • D. network-element-facing interface for the control and data planes
Reveal Solution Hide Solution   Discussion   1

Correct Answer: C 🗳️

Question #1012 Topic 1

When is the PUT method used within HTTP?

  • A. to update a DNS server
  • B. when a nonidempotent operation is needed
  • C. to display a web site
  • D. when a read-only operation is required
Reveal Solution Hide Solution   Discussion   5

Correct Answer: B 🗳️

Question #1013 Topic 1

Which two HTTP methods are suitable for actions performed by REST-based APIs? (Choose two.)

  • A. REMOVE
  • B. REDIRECT
  • C. POST
  • D. GET
  • E. POP
Reveal Solution Hide Solution   Discussion   2

Correct Answer: CD 🗳️

Question #1014 Topic 1

What is the advantage of separating the control plane from the data plane within an SDN network?

  • A. limits data queries to the control plane
  • B. reduces cost
  • C. decreases overall network complexity
  • D. offloads the creation of virtual machines to the data plane
Reveal Solution Hide Solution   Discussion   9

Correct Answer: D 🗳️

Question #1015 Topic 1



Refer to the exhibit. What is missing from this output for it to be executed?

  • A. double quotes (" ") around the "Cisco Devices" string
  • B. exclamation point (!) at the beginning of each line
  • C. square bracket ( [ ) at the beginning
  • D. curly braket ( } ) at the end
Reveal Solution Hide Solution   Discussion   1

Correct Answer: D 🗳️

Question #1016 Topic 1

What is a function of a northbound API in an SDN environment?

  • A. It relies on global provisioning and configuration.
  • B. It upgrades software and restores files.
  • C. It supports distributed processing for configuration.
  • D. It provides orchestration and network automation services.
Reveal Solution Hide Solution   Discussion   1

Correct Answer: D 🗳️

Question #1017 Topic 1

What is an Ansible inventory?

  • A. unit of Python code to be executed within Ansible
  • B. file that defines the target devices upon which commands and tasks are executed
  • C. device with Ansible installed that manages target devices
  • D. collection of actions to perform on target devices, expressed in YAML format
Reveal Solution Hide Solution   Discussion   15

Correct Answer: B 🗳️

Question #1018 Topic 1

DRAG DROP
-

Drag and drop the Ansible features from the left to the right. Not all features are used.

Reveal Solution Hide Solution   Discussion   1

Correct Answer:

Question #1019 Topic 1

What is a function of a northbound API?

  • A. It relies on global provisioning and configuration.
  • B. It upgrades software and restores files.
  • C. It supports distributed processing for configuration.
  • D. It provides a path between an SDN controller and network applications.
Reveal Solution Hide Solution   Discussion   8

Correct Answer: A 🗳️

Question #1020 Topic 1



Refer to the exhibit. What does apple represent within the JSON data?

  • A. array
  • B. object
  • C. number
  • D. string
Reveal Solution Hide Solution   Discussion   20

Correct Answer: B 🗳️

Question #1021 Topic 1

DRAG DROP
-

Drag and drop the use cases of device-management technologies from the left onto the corresponding types on the right.

Reveal Solution Hide Solution   Discussion   6

Correct Answer:

Question #1022 Topic 1

Under the CRUD model, which two HTTP methods support the UPDATE operation? (Choose two.)

  • A. PATCH
  • B. DELETE
  • C. GET
  • D. POST
  • E. PUT
Reveal Solution Hide Solution   Discussion   3

Correct Answer: AE 🗳️

Question #1023 Topic 1

A network architect is considering whether to implement Cisco DNA Center to deploy devices on a new network. The organization is focused on reducing the time it currently takes to deploy devices in a traditional campus design. For which reason would Cisco DNA Center be more appropriate than traditional management options?

  • A. Cisco DNA Center supports deployment with a single pane of glass.
  • B. Cisco DNA Center provides zero-touch provisioning to third-party devices.
  • C. Cisco DNA Center reduces the need for analytics on third-party access points and devices.
  • D. Cisco DNA Center minimizes the level of syslog output when reporting on Cisco devices.
Reveal Solution Hide Solution   Discussion   5

Correct Answer: A 🗳️

Question #1024 Topic 1

DRAG DROP
-

Drag and drop the statements about device management from the left onto the corresponding device-management types on the right.

Reveal Solution Hide Solution   Discussion   6

Correct Answer:

Question #1025 Topic 1

In a cloud-computing environment, what is rapid elasticity?

  • A. control and monitoring or resource consumption by the tenant
  • B. automatic adjustment of capacity based on need
  • C. pooling resources in a multitenant model based on need
  • D. self-service of computing resources by the tenant
Reveal Solution Hide Solution   Discussion   1

Correct Answer: B 🗳️

Question #1026 Topic 1

Which interface enables communication between a program on the controller and a program on the networking device?

  • A. software virtual interface
  • B. tunnel interface
  • C. northbound interface
  • D. southbound interface
Reveal Solution Hide Solution   Discussion   1

Correct Answer: D 🗳️

Question #1027 Topic 1



Refer to the exhibit. How many arrays are present in the JSON data?

  • A. one
  • B. three
  • C. six
  • D. nine
Reveal Solution Hide Solution   Discussion   3

Correct Answer: B 🗳️

Question #1028 Topic 1

DRAG DROP
-

Drag and drop the configuration management terms from the left onto the descriptions on the right. Not all terms are used.

Reveal Solution Hide Solution   Discussion   14

Correct Answer:

Question #1029 Topic 1

Which interface type enables an application running on a client to send data over an IP network to a server?

  • A. northbound interface
  • B. application programming interface
  • C. southbound interface
  • D. Representational State Transfer application programming interface
Reveal Solution Hide Solution   Discussion   13

Correct Answer: B 🗳️

Question #1031 Topic 1

Which QoS feature drops traffic that exceeds the committed access rate?

  • A. policing
  • B. FIFO
  • C. shaping
  • D. weighted fair queuing
Reveal Solution Hide Solution   Discussion   2

Correct Answer: A 🗳️

Question #1032 Topic 1

What does traffic shaping do?

  • A. It queues excess traffic
  • B. It sets QoS attributes within a packet
  • C. It organizes traffic into classes
  • D. It modifies the QoS attributes of a packet
Reveal Solution Hide Solution   Discussion   5

Correct Answer: A 🗳️

Question #1033 Topic 1



Refer to the exhibit. A Cisco engineer is asked to update the configuration on switch 1 so that the EtherChannel stays up when one of the links fails. Which configuration meets this requirement?

  • A. Switch1(config) # interface Fa0/0
    Switch1(config-if) # lacp port-priority 100
    Switch1(config) # interface Fa0/1
    Switch1(config-if) # lacp port-priority 200
  • B. Switch1(config) # interface port-channel 1
    Switch1(config-if) # port-channel min-links 1
  • C. Switch1(config) # interface Fa0/0
    Switch1(config-if) # lacp port-priority 200
    Switch1(config) # interface Fa0/1
    Switch1(config-if) # lacp port-priority 100
  • D. Switch1(config) # interface port-channel 1
    Switch1(config-if) # lacp max-bundle 1
Reveal Solution Hide Solution   Discussion   3

Correct Answer: B 🗳️

Question #1034 Topic 1

Which two protocols are supported on service-port interfaces? (Choose two.)

  • A. Telnet
  • B. SCP
  • C. TACACS+
  • D. SSH
  • E. RADIUS
Reveal Solution Hide Solution   Discussion   2

Correct Answer: AD 🗳️

Question #1035 Topic 1

What is the benefit of using private IPv4 addressing?

  • A. to enable secure connectivity over the Internet
  • B. to shield internal network devices from external access
  • C. to provide reliable connectivity between like devices
  • D. to be routable over an external network
Reveal Solution Hide Solution   Discussion   2

Correct Answer: B 🗳️

Question #1036 Topic 1

Two switches have been implemented and all interfaces are at the default configuration level. A trunk link must be implemented between two switches with these requirements:

• using an industry-standard trunking protocol
• permitting VLANs 1-10 and denying other VLANs

How must the interconnecting ports be configured?

  • A. switchport mode dynamic
    channel-protocol lacp
    switchport trunk allowed vlans 1-10
  • B. switchport mode trunk
    switchport trunk allowed vlans 1-10
    switchport trunk native vlan 11
  • C. switchport mode trunk
    switchport trunk encapsulation dot1q
    switchport trunk allowed vlans 1-10
  • D. switchport mode dynamic desirable
    channel-group 1 mode desirable
    switchport trunk encapsulation isl
    switchport trunk allowed vlan except 11-4094
Reveal Solution Hide Solution   Discussion   3

Correct Answer: C 🗳️

Question #1037 Topic 1



Refer to the exhibit. Traffic that is flowing over interface TenGigabitEthemet0/0/0 experiences slow transfer speeds. What is the cause of this issue?

  • A. speed conflict
  • B. queuing drops
  • C. duplex incompatibility
  • D. heavy traffic congestion
Reveal Solution Hide Solution   Discussion   6

Correct Answer: C 🗳️

Question #1038 Topic 1

Which two host addresses are reserved for private use within an enterprise network? (Choose two.)

  • A. 10.172.76.200
  • B. 12.17.1.20
  • C. 172.15.2.250
  • D. 172.31.255.100
  • E. 192.169.32.10
Reveal Solution Hide Solution   Discussion   10

Correct Answer: AC 🗳️

Question #1039 Topic 1



Refer to the exhibit. The iPv6 address for the LAN segment on router R2 must be configured using the EUI-64 format. Which address must be used?

  • A. ipv6 address 2001:DB8:D8D2:1009:10A0:ABFF:FECC:1 eui-64
  • B. ipv6 address 2001:DB8:D8D2:1009:1230:ABFF:FECC:1 eui-64
  • C. ipv6 address 2001:DB8:D8D2:1009:4347:31FF:FF47:0 eui-64
  • D. ipv6 address 2001:DB8:D8D2:1009:12A0:AB34:FFCC:1 eui-64
Reveal Solution Hide Solution   Discussion   4

Correct Answer: A 🗳️

Question #1040 Topic 1

What are two reasons to configure PortFast on a switch port attached to an end host? (Choose two.)

  • A. to block another switch or host from communicating through the port
  • B. to enable the port to enter the forwarding state immediately when the host boots up
  • C. to prevent the port from participating in Spanning Tree Protocol operations
  • D. to protect the operation of the port from topology change processes
  • E. to limit the number of MAC addresses learned on the port to 1
Reveal Solution Hide Solution   Discussion   9

Correct Answer: BD 🗳️

Question #1041 Topic 1

SIMULATION
-


Guidelines
-

This is a lab item in which tasks will be performed on virtual devices

• Refer to the Tasks tab to view the tasks for this lab item.
• Refer to the Topology tab to access the device console(s) and perform the tasks
• Console access is available for all required devices by clicking the device icon or using the tab(s) above the console window
• All necessary preconfigurations have been applied
• Do not change the enable password or hostname for any device
• Save your configurations to NVRAM before moving to the next item
• Click Next at the bottom of the screen to submit this lab and move to the next question
• When Next is clicked the lab closes and cannot be reopened


Topology
-




Tasks
-

Physical connectivity is implemented between the two Layer 2 switches, and the network connectivity between them must be configured.

1. Configure an LACP EtherChannel and number it as 44; configure it between switches SW1 and SW2 using interfaces Ethemet0/0 and Ethernet0/1 on both sides. The LACP mode must match on both ends.
2. Configure the EtherChannel as a trunk link.
3. Configure the trunk link with 802.1q tags.
4. Configure VLAN 'MONITORING' as the untagged VLAN of the EtherChannel.

Reveal Solution Hide Solution   Discussion   11

Correct Answer:

Question #1042 Topic 1

A network administrator wants the syslog server to filter incoming messages into different files based on their importance. Which filtering criteria must be used?

  • A. message body
  • B. level
  • C. facility
  • D. process ID
Reveal Solution Hide Solution   Discussion   4

Correct Answer: B 🗳️

Question #1043 Topic 1

SIMULATION
-


Guidelines
-

This is a lab item in which tasks will be performed on virtual devices

• Refer to the Tasks tab to view the tasks for this lab item.
• Refer to the Topology tab to access the device console(s) and perform the tasks
• Console access is available for all required devices by clicking the device icon or using the tab(s) above the console window
• All necessary preconfigurations have been applied
• Do not change the enable password or hostname for any device
• Save your configurations to NVRAM before moving to the next item
• Click Next at the bottom of the screen to submit this lab and move to the next question
• When Next is clicked, the lab closes and cannot be reopened


Topology
-




Tasks
-

Connectivity between four routers has been established. IP connectivity must be configured in the order presented to complete the implementation. No dynamic routing protocols are included.

1. Configure static routing using host routes to establish connectivity from router R3 to the router R1 Loopback address using the source IP of 209.165.200.230.
2. Configure an IPv4 default route on router R2 destined for router R4.
3. Configure an IPv6 default router on router R2 destined for router R4.

Reveal Solution Hide Solution   Discussion   12

Correct Answer:

Question #1044 Topic 1

Which interface or port on the WLC is the default for in-band device administration and communications between the controller and access points?

  • A. console port
  • B. management interface
  • C. virtual interface
  • D. service port
Reveal Solution Hide Solution   Discussion   1

Correct Answer: B 🗳️

Question #1045 Topic 1



Refer to the exhibit. A network administrator configures the CPE to provide internet access to the company headquarters. Traffic must be load-balanced via ISP1 and ISP2 to ensure redundancy.
Which two command sets must be configured on the CPE router? (Choose two.)

  • A. ip route 0.0.0.0 0.0.0.0 198.51.100.1 255
    ip route 0.0.0.0 0.0.0.0 203.0.113.1 255
    ip route 128.0.0.0 128.0.0.0 203.0.113.1
  • B. ip route 0.0.0.0 128.0.0.0 198.51.100.1
    ip route 128.0.0.0 128.0.0.0 203.0.113.1
    ip route 0.0.0.0 0.0.0.0 198.51.100.1
    ip route 0.0.0.0 0.0.0.0 203.0.113.1
  • C. ip route 0.0.0.0 0.0.0.0 198.51.100.1
    ip route 0.0.0.0 0.0.0.0 203.0.113.1
  • D. ip route 0.0.0.0 128.0.0.0 198.51.100.1
    ip route 128.0.0.0 128.0.0.0 203.0.113.1
  • E. ip route 0.0.0.0 0.0.0.0 198.51.100.1
    ip route 0.0.0.0 0.0.0.0 203.0.113.1 2
Reveal Solution Hide Solution   Discussion   14

Correct Answer: C 🗳️

Question #1046 Topic 1



Refer to the exhibit. A network engineer updates the existing configuration on interface fastethernet1/1 switch SW1. It must establish an EtherChannel by using the same group designation with another vendor switch. Which configuration must be performed to complete the process?

  • A. interface port-channel 2
    channel-group 2 mode desirable
  • B. interface fastethernet 1/1
    channel-group 2 mode on
  • C. interface fastethernet 1/1
    channel-group 2 mode active
  • D. interface port-channel 2
    channel-group 2 mode auto
Reveal Solution Hide Solution   Discussion   14

Correct Answer: A 🗳️

Question #1047 Topic 1

Which two characteristics are representative of virtual machines (VMs)? (Choose two.)

  • A. multiple VMs operate on the same underlying hardware
  • B. Each VMs operating system depends on its hypervisor
  • C. A VM on a hypervisor is automatically interconnected to other VMs
  • D. A VM on an individual hypervisor shares resources equally
  • E. Each VM runs independently of any other VM in the same hypervisor
Reveal Solution Hide Solution   Discussion   3

Correct Answer: AE 🗳️

Question #1048 Topic 1

What is the recommended switch load-balancing mode for Cisco WLCs?

  • A. source-destination IP address
  • B. destination IP address
  • C. destination MAC address
  • D. source-destination MAC address
Reveal Solution Hide Solution   Discussion   2

Correct Answer: A 🗳️

Question #1049 Topic 1

What must be considered when using 802.11a?

  • A. It is chosen over 802.11b when a lower-cost solution is necessary
  • B. It is susceptible to interference from 2.4 GHz devices such as microwave ovens
  • C. It is compatible with 802.11b- and 802 11g-compliant wireless devices
  • D. It is used in place of 802.11b/g when many nonoverlapping channels are required
Reveal Solution Hide Solution   Discussion   1

Correct Answer: D 🗳️

Question #1050 Topic 1



Refer to the exhibit. An engineer configures interface fa0/1 on SW1 and SW2 to pass traffic from two different VLANs. For security reasons, company policy requires the native VLAN to be set to a nondefault value. Which configuration meets this requirement?

  • A. Switch(config-if)#switchport mode trunk
    Switch(config-if)#switchport trunk encapsulation dot1q
    Switch(config-if)#switchport trunk allowed vlan 100,105
    Switch(config-if)#switchport trunk native vlan 3
  • B. Switch(config-if)#switchport mode trunk
    Switch(config-if)#switchport trunk encapsulation isl
    Switch(config-if)#switchport trunk allowed vlan 100,105
    Switch(config-if)#switchport trunk native vlan 1
  • C. Switch(config-if)#switchport mode dynamic
    Switch(config-if)#switchport access vlan 100,105
    Switch(config-if)#switchport trunk native vlan 1
  • D. Switch(config-if)#switchport mode access
    Switch(config-if)#switchport trunk encapsulation dot1q
    Switch(config-if)#switchport access vlan 100,105
    Switch(config-if)#switchport trunk native vlan 3
Reveal Solution Hide Solution   Discussion   3

Correct Answer: A 🗳️

Question #1051 Topic 1



Refer to the exhibit A new VLAN and switch are added to the network. A remote engineer configures OldSwitch and must ensure that the configuration meets these requirements:

• accommodates current configured VLANs
• expands the range to include VLAN 20
• allows for IEEE standard support for virtual LANs

Which configuration on the NewSwitch side of the link meets these requirements?

  • A. switch port mode dynamic
    channel group 1 mode active
    switchport trunk allowed vlan 5,10,15, 20
  • B. no switchport mode trunk
    switchport trunk encapsulation isl
    switchport mode access vlan 20
  • C. switchport nonegotiate
    no switchport trunk allowed vlan 5,10
    switchport trunk allowed vlan 5,10,15,20
  • D. no switchport trunk encapsulation isl
    switchport trunk encapsulation dot1q
    switchport trunk allowed vlan add 20
Reveal Solution Hide Solution   Discussion   5

Correct Answer: D 🗳️

Question #1052 Topic 1

SIMULATION
-


Guidelines
-

This is a lab item in which tasks will be performed on virtual devices.

• Refer to the Tasks tab to view the tasks for this lab item.
• Refer to the Topology tab to access the device console(s) and perform the tasks.
• Console access is available for all required devices by clicking the device icon or using the tab(s) above the console window.
• All necessary preconfigurations have been applied.
• Do not change the enable password or hostname for any device.
• Save your configurations to NVRAM before moving to the next item.
• Click Next at the bottom of the screen to submit this lab and move to the next question.
• When Next is clicked, the lab closes and cannot be reopened.


Topology
-




Tasks
-

Connectivity between three routers has been established, and IP services must be configured in the order presented to complete the implementation. Tasks assigned include configuration of NAT, NTP, DHCP, and SSH services.

1. All traffic sent from R3 to the R1 Loopback address must be configured for NAT on R2. All source addresses must be translated from R3 to the IP address of Ethernet0/0 on R2, while using only a standard access list named PUBNET. To verify, a ping must be successful to the R1 Loopback address sourced from R3. Do not use NVI NAT configuration.
2. Configure R1 as an NTP server and R2 as a client, not as a peer, using the IP address of the R1 Ethernet0/2 interface. Set the clock on the NTP server for midnight on May 1, 2018.
3. Configure R1 as a DHCP server for the network 10.1.3.0/24 in a pool named NETPOOL. Using a single command, exclude addresses 1 - 10 from the range. Interface Ethernet0/2 on R3 must be issued the IP address of 10.1.3.11 via DHCP.
4. Configure SSH connectivity from R1 to R3, while excluding access via other remote connection protocols. Access for user netadmin and password N3t4ccess must be set on router R3 using RSA and 1024 bits. Verify connectivity using an SSH session from router R1 using a destination address of 10.1.3.11. Do NOT modify console.

Reveal Solution Hide Solution   Discussion   14

Correct Answer:

Question #1053 Topic 1



Refer to the exhibit. A network engineer is adding another physical interface as a new member to the existing Port-Channel1 bundle. Which command set must be configured on the new interface to complete the process?

  • A. no switchport
    channel group 1 mode active
  • B. no switchport
    channel-group 1 mode on
  • C. switchport mode trunk
    channel-group 1 mode active
  • D. switchport
    switchport mode trunk
Reveal Solution Hide Solution   Discussion   5

Correct Answer: A 🗳️

Question #1054 Topic 1

SIMULATION
-


Guidelines
-

This is a lab item in which tasks will be performed on virtual devices.

• Refer to the Tasks tab to view the tasks for this lab item.
• Refer to the Topology tab to access the device console(s) and perform the tasks.
• Console access is available for all required devices by clicking the device icon or using the tab(s) above the console window.
• All necessary preconfigurations have been applied.
• Do not change the enable password or hostname for any device.
• Save your configurations to NVRAM before moving to the next item.
• Click Next at the bottom of the screen to submit this lab and move to the next question.
• When Next is clicked, the lab closes and cannot be reopened.


Topology
-




Tasks
-

All physical cabling between the two switches is installed. Configure the network connectivity between the switches using the designated VLANs and interfaces.

1. Configure VLAN 12 named Compute and VLAN 34 named Telephony where required for each task.
2. Configure Ethernet0/1 on SW2 to use the existing VLAN named Available.
3. Configure the connection between the switches using access ports.
4. Configure Ethernet0/1 on SW1 using data and voice VLANs.
5. Configure Ethernet0/1 on SW2 so that the Cisco proprietary neighbor discovery protocol is turned off for the designated interface only.

Reveal Solution Hide Solution   Discussion   8

Correct Answer:

Question #1055 Topic 1



Refer to the exhibit. What is occurring on this switch?

  • A. Frames are dropped after 16 failed transmission attempts
  • B. The internal transmit buffer is overloaded
  • C. A high number of frames smaller than 64 bytes are received
  • D. An excessive number of frames greater than 1518 bytes are received
Reveal Solution Hide Solution   Discussion   5

Correct Answer: A 🗳️

Question #1056 Topic 1



Refer to the exhibit SW_1 and SW_12 represent two companies that are merging. They use separate network vendors. The VLANs on both sides have been migrated to share IP subnets. Which command sequence must be issued on both sides to join the two companies and pass all VLANs between the companies?

  • A. switchport mode trunk
    switchport trunk encapsulation dot1q
  • B. switchport mode trunk
    switchport trunk allowed vlan all
    switchport dot1q ethertype 0800
  • C. switchport mode dynamic desirable
    switchport trunk allowed vlan all
    switchport trunk native vlan 7
  • D. switchport dynamic auto
    switchport nonegotiate
Reveal Solution Hide Solution   Discussion   5

Correct Answer: C 🗳️

Question #1057 Topic 1

An engineer is configuring a switch port that is connected to a VoIP handset. Which command must the engineer configure to enable port security with a manually assigned MAC address of abcd.abcd.abcd on voice VLAN 4?

  • A. switchport port-security mac-address abcd.abcd.abcd vlan 4
  • B. switchport port-security mac-address abcd.abcd.abcd vlan voice
  • C. switchport port-security mac-address abcd.abcd.abcd
  • D. switchport port-security mac-address sticky abcd.abcd.abcd vlan 4
Reveal Solution Hide Solution   Discussion   10

Correct Answer: C 🗳️

Question #1058 Topic 1

SIMULATION
-


Guidelines
-

This is a lab item in which tasks will be performed on virtual devices

• Refer to the Tasks tab to view the tasks for this lab item.
• Refer to the Topology tab to access the device console(s) and perform the tasks.
• Console access is available for all required devices by clicking the device icon or using the tab(s) above the console window.
• All necessary preconfigurations have been applied.
• Do not change the enable password or hostname for any device.
• Save your configurations to NVRAM before moving to the next item.
• Click Next at the bottom of the screen to submit this lab and move to the next question.
• When Next is clicked the lab closes and cannot be reopened.


Topology
-




Tasks
-

Configure IPv4 and IPv6 connectivity between two routers. For IPv4, use a /28 network from the 192.168.180.0/24 private range. For IPv6, use the first /64 subnet from the 2001:0db8:acca::/48 subnet.

1. Using Ethernet0/1 on routers R1 and R2, configure the next usable /28 from the 192.168.180.0/24 range. The network 192.168.180.0/28 is unavailable.
2. For the IPv4 /28 subnet, router R1 must be configured with the first usable host address.
3. For the IPv4 /28 subnet, router R2 must be configured with the last usable host address.
4. For the IPv6 /64 subnet, configure the routers with the IP addressing provided from the topology.
5. A ping must work between the routers on the IPv4 and IPv6 address ranges.



Reveal Solution Hide Solution   Discussion   10

Correct Answer:

Question #1059 Topic 1

SIMULATION
-


Guidelines
-

This is a lab item in which tasks will be performed on virtual devices

• Refer to the Tasks tab to view the tasks for this lab item.
• Refer to the Topology tab to access the device console(s) and perform the tasks.
• Console access is available for all required devices by clicking the device icon or using the tab(s) above the console window.
• All necessary preconfigurations have been applied.
• Do not change the enable password or hostname for any device.
• Save your configurations to NVRAM before moving to the next item.
• Click Next at the bottom of the screen to submit this lab and move to the next question.
• When Next is clicked the lab closes and cannot be reopened.


Topology
-




Tasks
-

Three switches must be configured for Layer 2 connectivity. The company requires only the designated VLANs to be configured on their respective switches and permitted across any links between switches for security purposes. Do not modify or delete VTP configurations.

The network needs two user-defined VLANs configured:


VLAN 202: MARKETING
-

VLAN 303: FINANCE
-

1. Configure the VLANs on the designated switches and assign them as access ports to the interfaces connected to the PCs.
2. Configure the e0/2 interfaces on Sw1 and Sw2 as 802.1q trunks with only the required VLANs permitted.
3. Configure the e0/3 interfaces on Sw2 and Sw3 as 802.1q trunks with only the required VLANs permitted.





Reveal Solution Hide Solution   Discussion   17

Correct Answer:

Question #1060 Topic 1

SIMULATION
-


Guidelines
-

This is a lab item in which tasks will be performed on virtual devices

• Refer to the Tasks tab to view the tasks for this lab item.
• Refer to the Topology tab to access the device console(s) and perform the tasks.
• Console access is available for all required devices by clicking the device icon or using the tab(s) above the console window.
• All necessary preconfigurations have been applied.
• Do not change the enable password or hostname for any device.
• Save your configurations to NVRAM before moving to the next item.
• Click Next at the bottom of the screen to submit this lab and move to the next question.
• When Next is clicked the lab closes and cannot be reopened.


Topology
-




Tasks
-

Refer to the topology. All physical cabling is in place. Configure a local user account, a Named ACL (NACL), and security.


Task 1
-

Configure a local account on Sw101 with telnet access only on virtual ports 0-4. Use the following information:

• Username: support
• Password: max2learn
• Privilege level: Exec mode


Task 2
-

Configure and apply a single NACL on Sw101 using the following:

• Name: ENT_ACL
• Restrict only PC2 on VLAN 200 from pinging PC1
• Allow only PC2 on VLAN 200 to telnet to Sw101
• Prevent all other devices from telnetting from VLAN 200
• Allow all other network traffic from VLAN 200


Task 3
-

Configure security on interface Ethernet 0/0 of Sw102:

• Set the maximum number of secure MAC addresses to four.
• Drop packets with unknown source addresses until the number of secure MAC addresses drops below the configured maximum value. No notification action is required.
• Allow secure MAC addresses to be learned dynamically.







Reveal Solution Hide Solution   Discussion   6

Correct Answer:

Question #1061 Topic 1

SIMULATION
-


Guidelines
-

This is a lab item in which tasks will be performed on virtual devices:

• Refer to the Tasks tab to view the tasks for this lab item.
• Refer to the Topology tab to access the device console(s) and perform the tasks.
• Console access is available for all required devices by clicking the device icon or using the tab(s) above the console window.
• All necessary preconfigurations have been applied.
• Do not change the enable password or hostname for any device.
• Save your configurations to NVRAM before moving to the next item.
• Click Next at the bottom of the screen to submit this lab and move to the next question.
• When Next is clicked the lab closes and cannot be reopened.


Topology
-




Tasks
-

Refer to the topology. All physical cabling is in place. Configure local users accounts, modify the Named ACL (NACL), and configure DHCP Snooping. The current contents of the NACL must remain intact.


Task 1
-

Configure a local account on Gw1 with telnet access only on virtual ports 0-4. Use the following information:

• Username: wheel
• Password: lock3path
• Algorithm type: Scrypt
• Privilege level: Exec mode


Task 2
-

Configure and apply a NACL on Gw1 to control network traffic from VLAN 10:

• Name: CORP_ACL
• Allow BOOTP and HTTPS
• Restrict all other traffic and log the ingress interface, source MAC address, the packet’s source and destination IP addresses, and ports


Task 3
-

Configure Sw1:

• Enable DNCP Snooping for VLAN 10
• Disable DHCP Option-82 data insertion
• Enable DHCP Snooping MAC address verification
• Enable trusted interfaces



Reveal Solution Hide Solution   Discussion   12

Correct Answer:

Question #1062 Topic 1

What is represented by the word "LB20" within this JSON schema?

  • A. value
  • B. array
  • C. object
  • D. key
Reveal Solution Hide Solution   Discussion  

Correct Answer: A 🗳️

Question #1063 Topic 1

What is represented beginning with line 1 and ending with line 5 within this JSON schema?

  • A. key
  • B. object
  • C. array
  • D. value
Reveal Solution Hide Solution   Discussion   8

Correct Answer: D 🗳️

Question #1064 Topic 1

What is represented by the word "IDS" within this JSON schema?

  • A. object
  • B. value
  • C. array
  • D. key
Reveal Solution Hide Solution   Discussion  

Correct Answer: D 🗳️

Question #1065 Topic 1

What is represented in line 4 within this JSON schema?

  • A. object
  • B. array
  • C. key
  • D. value
Reveal Solution Hide Solution   Discussion  

Correct Answer: A 🗳️

Question #1066 Topic 1

What is represented by the word "port" within this JSON schema?

  • A. key
  • B. value
  • C. array
  • D. object
Reveal Solution Hide Solution   Discussion   3

Correct Answer: A 🗳️

Question #1067 Topic 1

What provides connection redundancy, increased bandwidth, and load sharing between a wireless LAN controller and a Layer 2 switch?

  • A. first hop redundancy
  • B. VLAN trunking
  • C. tunneling
  • D. link aggregation
Reveal Solution Hide Solution   Discussion   2

Correct Answer: D 🗳️

Question #1068 Topic 1

DRAG DROP
-

Drag and drop the IPv6 address from the left onto the type on the right.

Reveal Solution Hide Solution   Discussion   2

Correct Answer:

Question #1069 Topic 1

Which interface is used to send traffic to the destination network?

  • A. F0/5
  • B. F0/6
  • C. F0/12
  • D. F0/9
Reveal Solution Hide Solution   Discussion   1

Correct Answer: C 🗳️

Question #1070 Topic 1

What is the purpose of an SSID?

  • A. It identifies an individual access point on a WLAN.
  • B. It differentiates traffic entering access points.
  • C. It provides network security.
  • D. It identifies a WLAN.
Reveal Solution Hide Solution   Discussion  

Correct Answer: D 🗳️

Question #1071 Topic 1

Which two types of attack are categorized as social engineering? (Choose two.)

  • A. phoning
  • B. malvertising
  • C. probing
  • D. pharming
  • E. phishing
Reveal Solution Hide Solution   Discussion   8

Correct Answer: DE 🗳️

Question #1072 Topic 1

SIMULATION
-


Guidelines
-

This is a lab item in which tasks will be performed on virtual devices

• Refer to the Tasks tab to view the tasks for this lab item.
• Refer to the Topology tab to access the device console(s) and perform the tasks.
• Console access is available for all required devices by clicking the device icon or using the tab(s) above the console window.
• All necessary preconfigurations have been applied.
• Do not change the enable password or hostname for any device.
• Save your configurations to NVRAM before moving to the next item.
• Click Next at the bottom of the screen to submit this lab and move to the next question.
• When Next is clicked the lab closes and cannot be reopened.


Topology
-




Tasks
-

IP connectivity and OSPF are preconfigured on all devices where necessary. Do not make any changes to the IP addressing or OSPF. The company policy uses connected interfaces and next hops when configuring static routes except for load balancing or redundancy without floating static. Connectivity must be established between subnet 172.20.20.128/25 on the Internet and the LAN at 192.168.0.0/24 connected to SW1:

1. Configure reachability to the switch SW1 LAN subnet in router R2.
2. Configure default reachability to the Internet subnet in router R1.
3. Configure a single static route in router R2 to reach to the Internet subnet considering both redundant links between routers R1 and R2. A default route is NOT allowed in router R2.
4. Configure a static route in router R1 toward the switch SW1 LAN subnet where the primary link must be through Ethernet0/1, and the backup link must be through Ethernet0/2 using a floating route. Use the minimal administrative distance value when required.

Reveal Solution Hide Solution   Discussion   15

Correct Answer:

Question #1073 Topic 1

What describes the functionality of southbound APIs?

  • A. They enable communication between the controller and the network device.
  • B. They communicate with the management plane.
  • C. They use HTTP messages to communicate.
  • D. They convey information from the controller to the SDN applications.
Reveal Solution Hide Solution   Discussion   2

Correct Answer: A 🗳️

Question #1074 Topic 1



Refer to the exhibit. A network engineer is verifying the settings on a new OSPF network. All OSPF configurations use the default values unless otherwise indicated. Which router does the engineer expect will be elected as the DR when all devices boot up simultaneously?

  • A. R1
  • B. R2
  • C. R3
  • D. R4
Reveal Solution Hide Solution   Discussion   3

Correct Answer: D 🗳️

Question #1075 Topic 1

Which command must be entered so that the default gateway is automatically distributed when DHCP is configured on a router?

  • A. dns-server
  • B. default-router
  • C. ip helper-address
  • D. default-gateway
Reveal Solution Hide Solution   Discussion   2

Correct Answer: B 🗳️

Question #1076 Topic 1

What are two functions of a firewall within an enterprise? (Choose two.)

  • A. It enables traffic filtering based on URLs.
  • B. It serves as an endpoint for a site-to-site VPN in standalone mode.
  • C. It provides support as an endpoint for a remote access VPN in multiple context mode.
  • D. It offers Layer 2 services between hosts.
  • E. It enables wireless devices to connect to the network.
Reveal Solution Hide Solution   Discussion   12

Correct Answer: BC 🗳️

Question #1077 Topic 1

What is the maximum number of concurrent Telnet sessions that a Cisco WLC supports?

  • A. 3
  • B. 5
  • C. 6
  • D. 15
Reveal Solution Hide Solution   Discussion   3

Correct Answer: B 🗳️

Question #1078 Topic 1

Which 802.11 management frame type is sent when a client roams between access points on the same SSID?

  • A. Reassociation Request
  • B. Authentication Request
  • C. Association Request
  • D. Probe Request
Reveal Solution Hide Solution   Discussion   2

Correct Answer: A 🗳️

Question #1079 Topic 1

What is a functionality of the control plane in the network?

  • A. It looks up an egress interface in the forwarding information base.
  • B. It forwards traffic to the next hop.
  • C. It exchanges topology information with other routers.
  • D. It provides CLI access to the network device.
Reveal Solution Hide Solution   Discussion   1

Correct Answer: C 🗳️

Question #1080 Topic 1



Refer to the exhibit. All switches are configured with the default STP priorities. During the STP elections, which switch becomes the root bridge if all interfaces are in the same VLAN?

  • A. MDF-DC-1: 0d:E0:43:96:02:30
  • B. MDF-DC-2: 0d:0E:18:1B:05:97
  • C. MDF-DC-4: 0d:E0:19:A1:B3:19
  • D. MDF-DC-3: 0d:0E:18:2A:3C:9D
Reveal Solution Hide Solution   Discussion   4

Correct Answer: B 🗳️

Question #1081 Topic 1

DRAG DROP
-

Drag and drop the characteristic from the left onto the cable type on the right.

Reveal Solution Hide Solution   Discussion   3

Correct Answer:

Question #1082 Topic 1

What is represented by the word "VPN11" within this JSON schema?

  • A. key
  • B. array
  • C. object
  • D. value
Reveal Solution Hide Solution   Discussion   3

Correct Answer: D 🗳️

Question #1083 Topic 1

Which port type supports the spanning-tree portfast command without additional configuration?

  • A. Layer 3 main interfaces
  • B. Layer 3 subinterfaces
  • C. trunk ports
  • D. access ports
Reveal Solution Hide Solution   Discussion   4

Correct Answer: D 🗳️

Question #1084 Topic 1

What is represented by the word "R29" within this JSON schema?

  • A. array
  • B. key
  • C. object
  • D. value
Reveal Solution Hide Solution   Discussion   1

Correct Answer: D 🗳️

Question #1085 Topic 1

What is represented in line 2 within this JSON schema?

  • A. object
  • B. value
  • C. key
  • D. array
Reveal Solution Hide Solution   Discussion   2

Correct Answer: A 🗳️

Question #1086 Topic 1

DRAG DROP
-

Drag and drop the characteristic from the left onto the cable type on the right.

Reveal Solution Hide Solution   Discussion   2

Correct Answer:

Question #1087 Topic 1

DRAG DROP
-

Drag and drop the characteristic from the left onto the cable type on the right.

Reveal Solution Hide Solution   Discussion   2

Correct Answer:

Question #1088 Topic 1

DRAG DROP
-

Drag and drop the characteristic from the left onto the cable type on the right.

Reveal Solution Hide Solution   Discussion  

Correct Answer:

Question #1089 Topic 1

DRAG DROP
-

Drag and drop the characteristic from the left onto the cable type on the right.

Reveal Solution Hide Solution   Discussion   1

Correct Answer:

Question #1090 Topic 1

DRAG DROP
-

Drag and drop the IPv6 address from the left onto the type on the right.

Reveal Solution Hide Solution   Discussion   2

Correct Answer:

Question #1091 Topic 1

DRAG DROP
-

Drag and drop the characteristic from the left onto the cable type on the right.

Reveal Solution Hide Solution   Discussion  

Correct Answer:

Question #1092 Topic 1

DRAG DROP
-

Drag and drop the IPv6 address from the left onto the type on the right.

Reveal Solution Hide Solution   Discussion   1

Correct Answer:

Question #1093 Topic 1

DRAG DROP
-

Drag and drop the characteristic from the left onto the cable type on the right.

Reveal Solution Hide Solution   Discussion   7

Correct Answer:

Question #1094 Topic 1

What is a characteristic of private IPv4 addressing?

  • A. is used without allocation from a regional internet authority
  • B. is used when traffic on the subnet must traverse a site-to-site VPN to an outside organization
  • C. reduces the forwarding table on network routers
  • D. provides unlimited address ranges
Reveal Solution Hide Solution   Discussion   2

Correct Answer: A 🗳️

Question #1095 Topic 1

Which interface condition is occurring in this output?

  • A. bad NIC
  • B. high throughput
  • C. queueing
  • D. broadcast storm
Reveal Solution Hide Solution   Discussion   6

Correct Answer: C 🗳️

Question #1096 Topic 1

What is a characteristic of private IPv4 addressing?

  • A. is used when the ISP requires the new subnet to be advertised to the internet for web services
  • B. provides unlimited address ranges
  • C. is used when the network has multiple endpoint listeners
  • D. alleviates the shortage of IPv4 addresses
Reveal Solution Hide Solution   Discussion   2

Correct Answer: D 🗳️

Question #1097 Topic 1

What is a characteristic of private IPv4 addressing?

  • A. is used when traffic on the subnet must traverse a site-to-site VPN to an outside organization
  • B. allows endpoints to communicate across public network boundaries
  • C. is used on hosts that communicate only with other internal hosts
  • D. reduces network complexity
Reveal Solution Hide Solution   Discussion   2

Correct Answer: C 🗳️

Question #1098 Topic 1

What is a characteristic of private IPv4 addressing?

  • A. traverses the internet when an outbound ACL is applied
  • B. alleviates the shortage of IPv4 addresses
  • C. is used when the ISP requires the new subnet to be advertised to the internet for web services
  • D. enables secure connectivity over the internet
Reveal Solution Hide Solution   Discussion   3

Correct Answer: B 🗳️

Question #1099 Topic 1

Which interface condition is occurring in this output?

  • A. broadcast storm
  • B. duplex mismatch
  • C. high throughput
  • D. queueing
Reveal Solution Hide Solution   Discussion   9

Correct Answer: D 🗳️

Question #1100 Topic 1

What is a characteristic of private IPv4 addressing?

  • A. is used when the ISP requires the new subnet to be advertised to the internet for web services
  • B. allows multiple companies to use the same addresses without conflict
  • C. is used on the external interface of a firewall
  • D. allows endpoints to communicate across public network boundaries
Reveal Solution Hide Solution   Discussion   1

Correct Answer: B 🗳️

Question #1101 Topic 1

DRAG DROP
-

Drag and drop the IPv6 address from the left onto the type on the right.

Reveal Solution Hide Solution   Discussion   1

Correct Answer:

Question #1102 Topic 1

DRAG DROP
-

Drag and drop the characteristic from the left onto the IPv6 address type on the right.

Reveal Solution Hide Solution   Discussion   2

Correct Answer:

Question #1103 Topic 1

DRAG DROP
-

Drag and drop the characteristic from the left onto the IPv6 address type on the right.

Reveal Solution Hide Solution   Discussion   1

Correct Answer:

Question #1104 Topic 1

What is a characteristic of an SSID in wireless networks?

  • A. identifies an access point on a WLAN
  • B. uses the password to connect to an access point
  • C. uses policies to prevent unauthorized users
  • D. uses a case-sensitive text string
Reveal Solution Hide Solution   Discussion   8

Correct Answer: D 🗳️

Question #1105 Topic 1

What is a characteristic of private IPv4 addressing?

  • A. reduces network complexity
  • B. is used on hosts that communicate only with other internal hosts
  • C. simplifies the addressing in the network
  • D. reduces network maintenance costs
Reveal Solution Hide Solution   Discussion   1

Correct Answer: B 🗳️

Question #1106 Topic 1

What is a characteristic of encryption in wireless networks?

  • A. identifies an access point on a WLAN
  • B. uses the password to connect to an access point
  • C. uses integrity checks to identify forgery attacks in the frame
  • D. uses authentication protocols to secure a network
Reveal Solution Hide Solution   Discussion   11

Correct Answer: D 🗳️

Question #1107 Topic 1

What is a characteristic of private IPv4 addressing?

  • A. simplifies the addressing in the network
  • B. complies with PCI regulations
  • C. reduces the forwarding table on network routers
  • D. is used on hosts that communicate only with other internal hosts
Reveal Solution Hide Solution   Discussion   2

Correct Answer: D 🗳️

Question #1108 Topic 1

What is a characteristic of an SSID in wireless networks?

  • A. eliminates network piggybacking
  • B. prompts a user for a login ID
  • C. broadcasts a beacon signal to announce its presence by default
  • D. must include a combination of letters and numbers
Reveal Solution Hide Solution   Discussion   2

Correct Answer: C 🗳️

Question #1109 Topic 1

What is a characteristic of encryption in wireless networks?

  • A. provides increased protection against spyware
  • B. prompts a user for a login ID
  • C. uses ciphers to detect and prevent zero-day network attacks
  • D. prevents the interception of data as it transits a network
Reveal Solution Hide Solution   Discussion   6

Correct Answer: D 🗳️

Question #1110 Topic 1

What is a characteristic of an SSID in wireless networks?

  • A. intercepts data threats before they attack a network
  • B. encodes connections at the sending and receiving ends
  • C. broadcasts a beacon signal to announce its presence by default
  • D. identifies an access point on a WLAN
Reveal Solution Hide Solution   Discussion   13

Correct Answer: C 🗳️

Question #1111 Topic 1



Refer to the exhibit. SW2 is replaced because of a hardware failure. A network engineer starts to configure SW2 by copying the fa0/1 interface configuration from SW1. Which command must be configured on the fa0/1 interface of SW2 to enable PC1 to connect to PC2?

  • A. switchport mode trunk
  • B. switchport trunk native vlan 10
  • C. switchport mode access
  • D. switchport trunk allowed remove 10
Reveal Solution Hide Solution   Discussion   1

Correct Answer: A 🗳️

Question #1112 Topic 1

DRAG DROP
-

Drag and drop the DHCP snooping terms from the left onto the descriptions on the right.

Reveal Solution Hide Solution   Discussion   3

Correct Answer:

Question #1113 Topic 1

What is a characteristic of private IPv4 addressing?

  • A. composed of up to 65,536 available addresses
  • B. issued by IANA in conjunction with an autonomous system number
  • C. used without tracking or registration
  • D. traverse the Internet when an outbound ACL is applied
Reveal Solution Hide Solution   Discussion   1

Correct Answer: C 🗳️

Question #1114 Topic 1

DRAG DROP
-

Drag and drop the characteristic from the left onto the IPv6 address type on the right.

Reveal Solution Hide Solution   Discussion   1

Correct Answer:

Question #1115 Topic 1

DRAG DROP
-

Drag and drop the characteristic from the left onto the cable type on the right.

Reveal Solution Hide Solution   Discussion   2

Correct Answer:

Question #1116 Topic 1

How does MAC learning function on a switch?

  • A. broadcasts frames to all ports without queueing
  • B. sends an ARP request to locate unknown destinations
  • C. adds unknown source MAC addresses to the address table
  • D. sends a retransmission request when a new frame is received
Reveal Solution Hide Solution   Discussion   2

Correct Answer: C 🗳️

Question #1117 Topic 1

Which interface condition is occurring in this output?

  • A. broadcast storm
  • B. collisions
  • C. high throughput
  • D. duplex mismatch
Reveal Solution Hide Solution   Discussion   2

Correct Answer: C 🗳️

Question #1118 Topic 1

What is a characteristic of an SSID in wireless networks?

  • A. converts electrical current to radio waves
  • B. uses policies to prevent unauthorized users
  • C. broadcasts a beacon signal to announce its presence by default
  • D. prompts a user for a login ID
Reveal Solution Hide Solution   Discussion   4

Correct Answer: C 🗳️

Question #1119 Topic 1

DRAG DROP
-

Drag and drop the IPv6 address from the left onto the type on the right.

Reveal Solution Hide Solution   Discussion   2

Correct Answer:

Question #1120 Topic 1



Refer to the exhibit. Which switch becomes the root bridge?

  • A. SW3 -

    Bridge Priority - 57344 -
    mac-address 0b:bb:e0:96:a3:86
  • B. SW2 -

    Bridge Priority - 57344 -
    mac-address 00:b6:c5:17:8e:89
  • C. SW1 -

    Bridge Priority - 28672 -
    mac-address 0c:d4:e9:1d:3c:24
  • D. SW4 -

    Bridge Priority - 28672 -
    mac-address 0b:09:23:33:b8:91
Reveal Solution Hide Solution   Discussion   1

Correct Answer: D 🗳️

Question #1121 Topic 1

Which interface is used to send traffic to the destination network?

  • A. G0/9
  • B. G0/20
  • C. G0/16
  • D. G0/11
Reveal Solution Hide Solution   Discussion   2

Correct Answer: B 🗳️

Question #1122 Topic 1

What is represented by the word "fe5/42" within this JSON schema?

  • A. array
  • B. object
  • C. value
  • D. key
Reveal Solution Hide Solution   Discussion   2

Correct Answer: C 🗳️

Question #1123 Topic 1



Refer to the exhibit. Which switch becomes the root bridge?

  • A. SW 1 -

    Bridge Priority - 32768 -
    mac-address 0f:d7:9e:13:ab:82
  • B. SW 2 -

    Bridge Priority - 40960 -
    mac-address 05:d8:33:09:8f:89
  • C. SW 3 -

    Bridge Priority - 32768 -
    mac-address 01:1c:6c:66:b7:70
  • D. SW 4 -

    Bridge Priority - 40960 -
    mac-address 04:44:97:51:63:17
Reveal Solution Hide Solution   Discussion   3

Correct Answer: C 🗳️

Question #1124 Topic 1



Refer to the exhibit. A newly configured PC fails to connect to the internet by using TCP port 80 to www.cisco.com. Which setting must be modified for the connection to work?

  • A. Subnet Mask
  • B. DNS Servers
  • C. Default Gateway
  • D. DHCP Servers
Reveal Solution Hide Solution   Discussion   1

Correct Answer: C 🗳️

Question #1125 Topic 1

DRAG DROP
-

Drag and drop the characteristic from the left onto the cable type on the right.

Reveal Solution Hide Solution   Discussion   1

Correct Answer:

Question #1126 Topic 1

How does frame switching function on a switch?

  • A. rewrites the source and destination MAC address
  • B. forwards frames to a neighbor port using CDP
  • C. forwards known destinations to the destination port
  • D. is disabled by default on all interfaces and VLANs
Reveal Solution Hide Solution   Discussion   1

Correct Answer: C 🗳️

Question #1127 Topic 1

DRAG DROP
-

Drag and drop the characteristic from the left onto the IPv6 address type on the right.

Reveal Solution Hide Solution   Discussion   1

Correct Answer:

Question #1128 Topic 1

What is a characteristic of an SSID in wireless networks?

  • A. uses policies to prevent unauthorized users
  • B. identifies an access point on a WLAN
  • C. prompts a user for a login ID
  • D. associates a name to a WLAN
Reveal Solution Hide Solution   Discussion   4

Correct Answer: D 🗳️

Question #1129 Topic 1

What is represented by the word "port" within this JSON schema?

  • A. value
  • B. array
  • C. key
  • D. object
Reveal Solution Hide Solution   Discussion   1

Correct Answer: C 🗳️

Question #1130 Topic 1

DRAG DROP
-

Drag and drop the statements about AAA services from the left to the corresponding AAA services on the right. Not all options are used.

Reveal Solution Hide Solution   Discussion   1

Correct Answer:

Question #1131 Topic 1

Which interface condition is occurring in this output?

  • A. collisions
  • B. broadcast storm
  • C. duplex mismatch
  • D. queueing
Reveal Solution Hide Solution   Discussion   6

Correct Answer: C 🗳️

Question #1132 Topic 1

DRAG DROP
-

Drag and drop the IPv6 address from the left onto the type on the right.

Reveal Solution Hide Solution   Discussion   12

Correct Answer: